Building an LDAP Server on Linux, Part 3

Learn the ins and outs of LDAP as well as how to build your own LDAP server in this four-part series. Part 3 addresses populating your LDAP directory with actual data and gliding effortlessly through some of the more common showstoppers.

 By Carla Schroder
Page 1 of 4
Print Article

So, you've come back for more OpenLDAP fun. Part 1 of this series served as an introduction to the Lightweight Directory Access Protocol, with a breakdown of what the protocol can and cannot do. In Part 2 we covered installation and a very basic configuration. Today we'll populate our directory with actual data and glide effortlessly through some of the more common showstoppers.

Let's start with a review of our slapd.conf configuration from part 2:

##Database Directives##
database bdb
suffix "dc=carlasworld,dc=net"
rootdn "cn=Manager,dc=carlasworld,dc=net"
rootpw secret
directory "/var/lib/ldap"

Let's take a good look at each line in the configuration.

  • First, make sure to replace "carlasworld.net" with your real domain.

  • The rootdn is extremely important. This is where you create the authorized user to make entries into the database. Here I've called it Manager. You can make this anything: admin, boss, ldapdeitysupreme — whatever your heart desires.

  • rootpw is also of extreme importance. This is the authorized user's (Manager's) password. For now, we'll use a cleartext password. In the example above, it's "secret"; again the password can be anything you want.

  • The directory where OpenLDAP stores the actual database files is on the next line. This directory MUST exist before starting slapd.
"/var/lib/ldap" is a common location created by the installer. Your Linux distribution may have plonked it somewhere else, though. You can also create a location of your own choosing. However, there is more to it than just creating the directory — see the OpenLDAP Administrator's Guide for the gory details.

The directory will already be populated by the following files:

$ ls /var/lib/ldap
__db.001 __db.003 __db.005 id2entry.bdb objectClass.bdb
__db.002 __db.004 dn2id.bdb log.0000000001

Page 2: Is It Working Yet?

This article was originally published on Nov 11, 2003
Get the Latest Scoop with Networking Update Newsletter