Set up the LDAP Server
Ubuntu
Note: It is assumed you are running the following as root.
- Install the following packages
$ apt-get install slapd ldap-utils
During installation, you will be asked to configure ldap-auth-config. For this example, and for general compsoc website development, the following are the recommended answers:
ldap server name: ldapi://localhost/
Distinguished name of the search base: dc=compsoc,dc=nuigalway,dc=ie
LDAP version to use: 3
Make local root database admin: yes
Does the LDAP database require login: no
LDAP account for root: cn=admin,dc=compsoc,dc=nuigalway,dc=ie
LDAP root account password: password
- Reconfigure slapd
$ dpkg-reconfigure slapd
The following are suggested answers:
Omit OpenLDAP server configuration? ... No
DNS domain name: ... compsoc.nuigalway.ie
Name of your organization: ... Compsoc NUIG
Admin Password: XXXXX
Confirm Password: XXXXX
OK
BDB
Do you want your database to be removed when slapd is purged? ... No
Move old database? ... Yes
Allow LDAPv2 Protocol? ... No
- Test the server. The server should now be set up and running with a user 'admin'. To test this run
$ ldapsearch -x -b dc=compsoc,dc=nuigalway,dc=ie
which should return a valid result. If it doesn't and you get something like
ldap_bind: Can't contact LDAP server (-1)
check to make sure the slapd process is running. To start it run
/etc/init.d/slapd start
Gentoo
emerge openldap pam_ldap nss_ldap
Populating the database
- Install the following:
$ apt-get install migrationtools
- Configure migrate_common.ph. NOTE: This file may be at /usr/share/perl5/migrate_common.ph or /usr/share/migrationtools/migrate_common.ph. Replace the following two parameters as necessary:
$DEFAULT_MAIL_DOMAIN = "compsoc.nuigalway.ie";
$DEFAULT_BASE = "dc=compsoc,dc=nuigalway,dc=ie";
- Export /etc/group and /etc/passwd to ldif :
$ cd /usr/share/migrationtools/
$ ./migrate_group.pl /etc/group ~/group.ldif
$ ./migrate_passwd.pl /etc/passwd ~/passwd.ldif
- Tidy Up LDIF: You may want to do some editing on the created ldif files; remove system users (with uid less than 1000) and replace capitalization of Group and People. If you use vim to edit the files you can use the following search and replace:
%s/Group/group/g
%s/People/people/g
- Group and People Nodes: Add the following to ~/people_group.ldif
dn: ou=people, dc=compsoc, dc=nuigalway, dc=ie
ou: people
objectclass: organizationalUnit

dn: ou=group, dc=compsoc, dc=nuigalway, dc=ie
ou: group
objectclass: organizationalUnit
- Import users and groups to LDAP's database
$ ldapadd -x -W -D "cn=admin,dc=compsoc,dc=nuigalway,dc=ie" -f ~/people_group.ldif
$ ldapadd -x -W -D "cn=admin,dc=compsoc,dc=nuigalway,dc=ie" -f ~/group.ldif
$ ldapadd -x -W -D "cn=admin,dc=compsoc,dc=nuigalway,dc=ie" -f ~/passwd.ldif
- Test It
$ ldapsearch -x -b dc=compsoc,dc=nuigalway,dc=ie
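The "Tidy Up LDIF" step above can also be scripted. The following is an added example, not part of the original page: a shell function that drops entries whose uidNumber is below 1000 and lower-cases ou=People / ou=Group in dn: lines only. It goes beyond the page by also dropping UIDs above 60000 (assumed here to match Debian's default UID_MAX, which excludes the nobody account at 65534); tidy_ldif, sample_ldif and kept_dns are hypothetical names and the sample entries are constructed.

```shell
#!/bin/sh
# tidy_ldif [MIN_UID [MAX_UID]] < passwd.ldif > passwd.clean.ldif
#   - drops entries whose uidNumber is outside MIN_UID..MAX_UID
#   - lower-cases ou=People / ou=Group, in dn: lines only
# Entries with no uidNumber (groups, the ou nodes) pass through.
# MAX_UID default of 60000 is an assumption, not taken from the page.
tidy_ldif() {
    awk -v min="${1:-1000}" -v max="${2:-60000}" '
    BEGIN { RS = ""; FS = "\n"; OFS = "\n"; ORS = "\n\n" }  # one LDIF entry per record
    {
        keep = 1
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^uidNumber: /) {
                uid = substr($i, 12) + 0        # text after "uidNumber: "
                if (uid < min || uid > max) keep = 0
            } else if ($i ~ /^dn: /) {
                sub(/ou=People,/, "ou=people,", $i)
                sub(/ou=Group,/,  "ou=group,",  $i)
            }
        }
        if (keep) print
    }'
}

# Constructed sample in the shape migrate_passwd.pl emits (not real accounts).
sample_ldif() {
cat <<'EOF'
dn: uid=root,ou=People,dc=compsoc,dc=nuigalway,dc=ie
objectClass: posixAccount
uidNumber: 0
gidNumber: 0

dn: uid=alice,ou=People,dc=compsoc,dc=nuigalway,dc=ie
objectClass: posixAccount
uidNumber: 1000
gidNumber: 1000

dn: uid=nobody,ou=People,dc=compsoc,dc=nuigalway,dc=ie
objectClass: posixAccount
uidNumber: 65534
gidNumber: 65534
EOF
}

# DNs that would survive the filter and be imported by ldapadd.
kept_dns() { sample_ldif | tidy_ldif "$@" | grep '^dn: '; }
```

Run it as tidy_ldif < ~/passwd.ldif > ~/passwd.clean.ldif and pass the cleaned file to ldapadd. Unlike the vim substitutions, it leaves values such as posixGroup untouched because only dn: lines are rewritten.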
How do I start from Scratch?
If you've borked up the database and want to start from scratch, remove every file except DB_CONFIG from /var/lib/ldap/ . Obviously this should be done with extreme care!!! Remember to reconfigure slapd:
$ dpkg-reconfigure slapd
The next step is to modify the LDAP server config file /etc/slapd.conf
Set Up the Clients
- Install the following packages
$ apt-get install libnss-ldap libpam-ldap
You'll be asked a series of configuration questions:
ldap server name: ldapi://localhost/
Distinguished name of the search base: dc=compsoc,dc=nuigalway,dc=ie
LDAP version to use: 3
Make local root database admin: yes
Does the LDAP database require login: no
LDAP account for root: cn=admin,dc=compsoc,dc=nuigalway,dc=ie
LDAP root account password: password
- Use Soft Bind Instead of Hard Bind: edit /etc/ldap.conf and change the following line to:
bind_policy soft
Administration
- ldapvi
Resources
- Migration Scripts http://www.padl.com/OSS/MigrationTools.html