Building an LDAP Server on Linux, Part 2

LDAP provides central management of access, authentication, and authorization -- in other words, it makes your life as an admin much easier. Learn the ins and outs of LDAP as well as how to build your own LDAP server in this three-part series.

 By Carla Schroder

Welcome back! In Part 1 we learned basic concepts of LDAP and the uses for an LDAP server. Today we'll install and configure an OpenLDAP directory.

A quick note before we get started: this is LDAP 101. We are not installing any kind of encryption or strong authentication; we'll get to that in part 3. In my experience, learning LDAP in small chunks works best. (Then again, perhaps I'm just a bit dim.) So sit back, strap in, and keep your fingers away from the training wheels.

The Easy Way

The wise sysadmin will consult the documentation for their distro; it's quite possible that OpenLDAP will be packaged and ready to go in a pleasing manner (or ready to go in an odd manner — you never know). I'm all for easy — if your particular distribution provides an easy way, use it. RPMs can also be obtained from rpmfind.net, which thoughtfully lists all the required additional packages.

Debian of course goes its own merry way. apt-get does the job just fine; the tricky bit is finding out the package names. Debian users want ldap-utils; slapd, which is OpenLDAP; and libdb4.1, to get the Sleepycat DB. These three components are enough to get you up and running. apt-get will walk you through a minimal configuration and will automatically start up slapd, the LDAP server daemon.
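Because apt-get starts slapd as soon as the package is installed, and this part of the series configures no encryption or strong authentication, it is worth checking which addresses the daemon is listening on. The shell function below is an added example, not from the original article; it assumes the standard LDAP port 389 and `ss -ltn` or `netstat -ltn` output, and the sample listener table is constructed.

```shell
#!/bin/sh
# Added example: flag cleartext LDAP listeners reachable beyond loopback.
# Reads `ss -ltn` or `netstat -ltn` output on stdin; in both, the local
# address:port is the 4th column. Port 389 is the standard LDAP port.

exposed_ldap_listeners() {
    awk '
        /LISTEN/ {
            port = $4; sub(/.*:/, "", port)        # text after the last colon
            addr = $4; sub(/:[^:]*$/, "", addr)    # text before the last colon
            if (port != "389") next                # only cleartext LDAP
            if (addr ~ /^127\./ || addr == "[::1]" || addr == "::1") next
            print addr                             # wildcard or routable bind
        }'
}

# Constructed sample listener table (not captured from a real host).
sample_listeners() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    0.0.0.0:389        0.0.0.0:*
LISTEN 0      128    127.0.0.1:3890     0.0.0.0:*
LISTEN 0      128    [::]:389           [::]:*
EOF
}

# Demo on the sample; on a live host run:  ss -ltn | exposed_ldap_listeners
sample_listeners | exposed_ldap_listeners
```

Empty output means port 389 is either bound to loopback only or not listening at all; any address printed is one where unencrypted LDAP traffic, including bind passwords, can be reached from the network.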

Installing from Source

At the barest minimum, two tarballs are needed:

  • Berkeley Sleepycat DB
  • OpenLDAP tarball

The Berkeley DB must be installed before OpenLDAP. OpenLDAP will not build without it. (See Resources for information on how to get it.)

The OpenLDAP tarball is under 2 megabytes, which means even us dial-up lusers can download it without pain. As of this writing, the stable edition is openldap-stable-20030709.tgz. I like to park the tarball and unpack it in /usr/src/:

root@windbag:/usr/src# tar xfz openldap-stable-20030709.tgz

This creates the openldap-2.1.22 directory:

root@windbag:/usr/src# cd openldap-2.1.22


This article was originally published on Oct 20, 2003