Configuring OpenLDAP Server and Client in RHEL 7 How to Configure OpenLDAP Authentication on Linux

Install and configure an OpenLDAP server and client on Red Hat Enterprise Linux 7. The two hosts used throughout are:

ldapserver.nehraclasses.com 192.168.1.170
ldapclient.nehraclasses.com 192.168.1.180

Server configuration:
1. Install the required LDAP packages.
[root@ldapserver ]# yum -y install openldap* migrationtools

2. Create an LDAP root password for the administrative bind DN (olcRootPW). slappasswd prints a salted SHA hash of the form {SSHA}...; keep that string for step 3. The cleartext password must never be written into the configuration.
[root@ldapserver ]# slappasswd
New Password:
Re-enter the new password:

3. Modify the OpenLDAP server configuration. In the hdb database entry set olcSuffix to dc=nehraclasses,dc=com, olcRootDN to cn=Manager,dc=nehraclasses,dc=com (the bind DN used in step 11) and add an olcRootPW attribute holding the {SSHA} hash from step 2. Editing the files under slapd.d by hand, as done here, is only safe while slapd is stopped; slaptest in step 4 validates the result and will report a checksum error on the edited file, which is expected after a hand edit.
[root@ldapserver ]# vim /etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif

4. Give the Manager DN read access to the monitor database. In olcDatabase={1}monitor.ldif change the DN in the olcAccess line from the stock cn=Manager,dc=my-domain,dc=com to cn=Manager,dc=nehraclasses,dc=com, then check the whole configuration tree.
[root@ldapserver cn=config]# vim /etc/openldap/slapd.d/cn=config/olcDatabase={1}monitor.ldif

[root@ldapserver cn=config]# slaptest -u
configuration file test passed

5. Enable and start the slapd service, then confirm it is listening on the LDAP port (389/tcp).
[root@ldapserver cn=config]# systemctl start slapd
[root@ldapserver cn=config]# systemctl enable slapd
[root@ldapserver cn=config]# netstat -lt | grep ldap

6. Configure the LDAP database. Copy the sample BDB configuration into the database directory and make the ldap user own it, otherwise slapd cannot write the database.
[root@ldapserver cn=config]# cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG

[root@ldapserver cn=config]# chown -R ldap:ldap /var/lib/ldap/
Add the schemas the migration tools depend on (cosine, nis, inetorgperson). The ldapi:/// socket with SASL EXTERNAL maps the local root user onto the cn=config administrator, so no password is needed.
[root@ldapserver cn=config]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
[root@ldapserver cn=config]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
[root@ldapserver cn=config]# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif

7. Create a self-signed certificate and key for TLS, valid for 365 days. -nodes leaves the private key unencrypted so slapd can load it without a passphrase, so the key file must be readable by the ldap user only (owner ldap:ldap, mode 600). Generating the files is not enough on its own: slapd only uses them once olcTLSCertificateFile and olcTLSCertificateKeyFile in cn=config point at them, which this walkthrough never does, so until that is done clients still talk to the server in cleartext on port 389.
[root@ldapserver cn=config]# openssl req -new -x509 -nodes -out /etc/pki/tls/certs/nehraclassesldap.pem -keyout /etc/pki/tls/certs/nehraclassesldapkey.pem -days 365

Check the certificate and key created under /etc/pki/tls/certs/
[root@ldapserver cn=config]# ll /etc/pki/tls/certs/*.pem
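The following script is an added example, not code from the original page. It loads the settings of steps 2, 3, 4 and 7 into cn=config with ldapmodify over the ldapi:/// socket instead of editing the files under /etc/openldap/slapd.d by hand, so it runs against a started slapd (after step 5) rather than before it. The suffix, Manager DN and certificate paths are the ones this page uses; the olcAccess rules, the {SSHA} check and the StartTLS self-test are additions, and the self-test assumes the certificate's CN matches the server's hostname -f.

```bash
#!/bin/bash
# Added example, not code from the original page: push the server settings of
# steps 2, 3, 4 and 7 into cn=config via ldapmodify over ldapi:/// (SASL
# EXTERNAL maps local root to the config admin). slapd must be running.
# Usage: ./slapd-config.sh                    (print the LDIF only)
#        ./slapd-config.sh apply '{SSHA}...'  (as root on the server)
set -eu

BASE_DN="dc=nehraclasses,dc=com"
ROOT_DN="cn=Manager,${BASE_DN}"
CERT_FILE="/etc/pki/tls/certs/nehraclassesldap.pem"
KEY_FILE="/etc/pki/tls/certs/nehraclassesldapkey.pem"
# Constructed placeholder for print mode; a real hash comes from slappasswd.
PLACEHOLDER_HASH='{SSHA}replace-with-slappasswd-output'

# True only for slappasswd's salted-SHA output, so a cleartext password can
# never end up in olcRootPW by mistake.
is_ssha_hash() {
  case "$1" in
    '{SSHA}'*) return 0 ;;
    *)         return 1 ;;
  esac
}

# hdb database: suffix, root DN, root password hash and access rules. Without
# olcAccess slapd falls back to "to * by * read", which lets an anonymous
# ldapsearch read the {crypt} hashes migrate_passwd.pl copies from /etc/shadow.
db_ldif() {
  pw_hash="$1"
  is_ssha_hash "$pw_hash" || { echo "refusing non-{SSHA} value for olcRootPW" >&2; return 1; }
  cat <<EOF
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcSuffix
olcSuffix: ${BASE_DN}
-
replace: olcRootDN
olcRootDN: ${ROOT_DN}
-
replace: olcRootPW
olcRootPW: ${pw_hash}
-
replace: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="${ROOT_DN}" write by self write by anonymous auth by * none
olcAccess: {1}to * by dn="${ROOT_DN}" write by * read
EOF
}

# monitor database: the stock RHEL 7 rule with the Manager DN swapped in.
monitor_ldif() {
  cat <<EOF
dn: olcDatabase={1}monitor,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to * by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read by dn.base="${ROOT_DN}" read by * none
EOF
}

# Global TLS settings so the step 7 certificate is actually used.
tls_ldif() {
  cat <<EOF
dn: cn=config
changetype: modify
replace: olcTLSCertificateFile
olcTLSCertificateFile: ${CERT_FILE}
-
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: ${KEY_FILE}
EOF
}

apply() {
  chown ldap:ldap "$KEY_FILE" "$CERT_FILE"
  chmod 600 "$KEY_FILE"                     # private key: ldap user only
  db_ldif "$1"  | ldapmodify -Y EXTERNAL -H ldapi:///
  monitor_ldif  | ldapmodify -Y EXTERNAL -H ldapi:///
  tls_ldif      | ldapmodify -Y EXTERNAL -H ldapi:///
  # -ZZ fails unless StartTLS negotiates; trust our own self-signed cert for
  # this check (assumes its CN matches hostname -f).
  LDAPTLS_CACERT="$CERT_FILE" ldapsearch -x -ZZ -H "ldap://$(hostname -f)" -b "$BASE_DN" -s base dn
  # The ACL must hide password hashes from anonymous readers.
  if ldapsearch -x -LLL -b "$BASE_DN" userPassword | grep -q '^userPassword:'; then
    echo "userPassword still readable anonymously; check olcAccess" >&2
    return 1
  fi
}

if [ "${1:-}" = "apply" ]; then
  [ $# -ge 2 ] || { echo "usage: $0 apply '{SSHA}...'" >&2; exit 2; }
  apply "$2"
else
  db_ldif "$PLACEHOLDER_HASH"; echo; monitor_ldif; echo; tls_ldif
fi
```

Run it once with no arguments to review the LDIF, then with apply and the hash from slappasswd. The replace operations create olcRootPW and olcAccess if they do not exist yet, so the script is safe to run on a stock installation as well as on one already edited by hand.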

8. Create base objects in OpenLDAP. First point the migration tools at your domain by editing migrate_common.ph:
[root@ldapserver cn=config]# cd /usr/share/migrationtools/
[root@ldapserver migrationtools]# vim migrate_common.ph
$DEFAULT_MAIL_DOMAIN = "nehraclasses.com";
$DEFAULT_BASE = "dc=nehraclasses,dc=com";
$EXTENDED_SCHEMA = 1;

9. Generate a base.ldif file for your domain. touch only creates an empty file; base.ldif has to contain the entries the user and group records will hang under: the domain entry dc=nehraclasses,dc=com, the cn=Manager role and the ou=People and ou=Group containers that migrate_passwd.pl and migrate_group.pl use by default (migrate_base.pl in the same directory can generate them).
[root@ldapserver migrationtools]# touch /root/base.ldif

10. Create local users, then convert their passwd and group entries to LDIF. The grep exports only accounts whose UID/GID lies in the 1000-1099 range, so system accounts stay out. migrate_passwd.pl copies the {crypt} password hashes from /etc/shadow into the userPassword attribute, so these hashes are only as safe as the access rules on the directory.
[root@ldapserver migrationtools]# useradd ldapuser1
[root@ldapserver migrationtools]# useradd ldapuser2
[root@ldapserver migrationtools]# echo "redhat" | passwd --stdin ldapuser1
[root@ldapserver migrationtools]# echo "redhat" | passwd --stdin ldapuser2
[root@ldapserver migrationtools]# grep ":10[0-9][0-9]" /etc/passwd > /root/passwd
[root@ldapserver migrationtools]# grep ":10[0-9][0-9]" /etc/group > /root/group
[root@ldapserver migrationtools]# ./migrate_passwd.pl /root/passwd > /root/users.ldif
[root@ldapserver migrationtools]# ./migrate_group.pl /root/group > /root/groups.ldif

11. Import the entries into the LDAP database, binding as the root DN (-W prompts for the password from step 2). base.ldif must go first because the user and group entries are its children.
[root@ldapserver migrationtools]# ldapadd -x -W -D "cn=Manager,dc=nehraclasses,dc=com" -f /root/base.ldif
[root@ldapserver migrationtools]# ldapadd -x -W -D "cn=Manager,dc=nehraclasses,dc=com" -f /root/users.ldif
[root@ldapserver migrationtools]# ldapadd -x -W -D "cn=Manager,dc=nehraclasses,dc=com" -f /root/groups.ldif

12. Test the configuration. The first search looks up one user anonymously; the second dumps the whole subtree. If either prints a userPassword attribute, anonymous clients can read the password hashes and the hdb database needs an olcAccess rule that limits userPassword to "by self write by anonymous auth by * none".
[root@ldapserver migrationtools]# ldapsearch -x cn=ldapuser1 -b dc=nehraclasses,dc=com

[root@ldapserver migrationtools]# ldapsearch -x -b 'dc=nehraclasses,dc=com' '(objectclass=*)'
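The following script is an added example, not code from the original page. It writes the base entries that step 9 leaves out, runs the step 11 imports in parent-before-child order, and turns the step 12 test into a pass/fail check for password-hash leakage. The DNs are this page's; the organisation name, the Manager description and the sample ldapsearch output are constructed.

```bash
#!/bin/bash
# Added example, not code from the original page: base.ldif for step 9, the
# step 11 import, and a leak check for the step 12 anonymous search.
# Usage: ./ldap-populate.sh        (print base.ldif, run the check on samples)
#        ./ldap-populate.sh apply  (as root on the server, after step 10)
set -eu

BASE_DN="dc=nehraclasses,dc=com"
ROOT_DN="cn=Manager,${BASE_DN}"

# Top of the tree plus the two containers migrate_passwd.pl and
# migrate_group.pl write into (ou=People and ou=Group are their defaults).
base_ldif() {
  cat <<EOF
dn: ${BASE_DN}
objectClass: top
objectClass: dcObject
objectClass: organization
o: nehraclasses
dc: nehraclasses

dn: ${ROOT_DN}
objectClass: organizationalRole
cn: Manager
description: LDAP administrator

dn: ou=People,${BASE_DN}
objectClass: organizationalUnit
ou: People

dn: ou=Group,${BASE_DN}
objectClass: organizationalUnit
ou: Group
EOF
}

# Reads ldapsearch output on stdin; exit 0 if any entry carries userPassword.
# ldapsearch base64-encodes the value ("userPassword::"), so match the name.
leaks_password() {
  grep -q '^userPassword:'
}

# Constructed samples of "ldapsearch -x -LLL -b ... uid=ldapuser1" output;
# the hash in the first one decodes to the made-up value {crypt}$6$made-up.
SAMPLE_LEAK='dn: uid=ldapuser1,ou=People,dc=nehraclasses,dc=com
uid: ldapuser1
userPassword:: e2NyeXB0fSQ2JG1hZGUtdXA=
uidNumber: 1000'
SAMPLE_CLEAN='dn: uid=ldapuser1,ou=People,dc=nehraclasses,dc=com
uid: ldapuser1
uidNumber: 1000'

apply() {
  base_ldif > /root/base.ldif
  # Parents before children: base.ldif creates the containers that
  # users.ldif and groups.ldif refer to. -W prompts for the step 2 password.
  for f in /root/base.ldif /root/users.ldif /root/groups.ldif; do
    ldapadd -x -W -D "$ROOT_DN" -f "$f"
  done
  if ldapsearch -x -LLL -b "$BASE_DN" uid=ldapuser1 | leaks_password; then
    echo "anonymous search returns userPassword: add an olcAccess rule on olcDatabase={2}hdb" >&2
    return 1
  fi
  echo "import done; userPassword is not anonymously readable"
}

if [ "${1:-}" = "apply" ]; then
  apply
else
  base_ldif
  if printf '%s\n' "$SAMPLE_LEAK" | leaks_password; then
    echo "# sample with userPassword: leak detected (expected)"
  fi
  if printf '%s\n' "$SAMPLE_CLEAN" | leaks_password; then
    echo "# unexpected: clean sample flagged"
  else
    echo "# sample without userPassword: clean"
  fi
fi
```

In apply mode the script refuses to report success while the anonymous search still returns hashes, which is exactly what a stock RHEL 7 hdb database with no olcAccess rule does.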

13. Allow the connection through the firewall. The walkthrough simply stops firewalld, which is acceptable only on a lab box; on a real host keep firewalld running and open just the ldap (389/tcp) service, ldaps (636/tcp) once TLS is configured, and the nfs, mountd and rpc-bind services for the export in step 14, using firewall-cmd.
[root@ldapserver migrationtools]# systemctl stop firewalld

14. NFS configuration to export the home directories. Restrict the export to the client network (192.168.1.0/24 here) rather than "*", which lets any host that can reach the server mount every user's home directory read-write.
[root@ldapserver ]# vim /etc/exports
/home *(rw,sync)

Install, then start and enable the rpcbind and nfs services.
[root@ldapserver ]# yum -y install rpcbind* nfs*
[root@ldapserver ]# systemctl start rpcbind
[root@ldapserver ]# systemctl start nfs
[root@ldapserver ]# systemctl enable rpcbind
[root@ldapserver ]# systemctl enable nfs

Test the NFS configuration; showmount lists the export table.
[root@ldapserver ]# showmount -e

Client configuration:
1. Install the packages the client needs to query the LDAP server (openldap-clients, nss-pam-ldapd) and to mount the NFS export.
[root@ldapclient ]# yum install -y openldap-clients nss-pam-ldapd rpcbind* nfs*

2. Start and enable the services.
# systemctl start rpcbind
# systemctl start nfs
# systemctl enable rpcbind
# systemctl enable nfs

3. Check that the home-directory export is visible from the client. /etc/exports is a server-side file and has no effect on the client, so nothing needs to be added here; just confirm the server advertises /home:
# showmount -e ldapserver.nehraclasses.com

4. Configure LDAP authentication. authconfig-tui is interactive: select "Use LDAP" and "Use LDAP Authentication", enter the server as ldap://ldapserver.nehraclasses.com and the base DN dc=nehraclasses,dc=com. Select "Use TLS" only once the server has been configured to use the certificate from server step 7 and that certificate has been copied to the client; without TLS every user's password crosses the network in cleartext during the simple bind.
# authconfig-tui

5. Mount the /home directory from the server so LDAP users find their home directories. A manual mount does not survive a reboot; add it to /etc/fstab or let autofs mount it on demand.
# mount ldapserver.nehraclasses.com:/home /home

6. Test the client configuration. getent must resolve the user through nslcd with the UID and home directory stored in the directory:
[root@ldapclient ]# getent passwd ldapuser1
ldapuser1:x:1000:1000:ldapuser1:/home/ldapuser1:/bin/bash

7. Log in as the LDAP user and create a few files.
# su - ldapuser1
Then, on the LDAP server, check that the files appear in ldapuser1's home directory; this confirms both the LDAP lookup and the NFS export.
# cd /home/ldapuser1
# ls -lh
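The following script is an added example, not code from the original page. It is the non-interactive form of client steps 4 to 6 (authconfig instead of authconfig-tui) with TLS enabled, plus checks on the resulting nslcd.conf and on what getent returns. The server name and base DN are this page's; the certificate locations, the cacertdir_rehash step and the TLS requirement are assumptions that only hold once the server's cn=config points at the step 7 certificate and a copy of it has been placed on the client. The nslcd.conf fragments are constructed samples.

```bash
#!/bin/bash
# Added example, not code from the original page: client steps 4-6 done
# non-interactively with TLS, and checks on the result.
# Usage: ./ldap-client.sh          (print the authconfig command, check samples)
#        ./ldap-client.sh apply    (as root on the client)
set -eu

LDAP_SERVER="ldapserver.nehraclasses.com"
BASE_DN="dc=nehraclasses,dc=com"
SERVER_CERT="/root/nehraclassesldap.pem"   # assumed: scp'd from the server
CACERT_DIR="/etc/openldap/cacerts"         # authconfig's tls_cacertdir

# Same choices as in authconfig-tui: "Use LDAP", "Use LDAP Authentication",
# "Use TLS" (nslcd then does StartTLS on port 389).
authconfig_cmd() {
  printf 'authconfig --enableldap --enableldapauth --ldapserver=ldap://%s --ldapbasedn=%s --enableldaptls --update\n' \
    "$LDAP_SERVER" "$BASE_DN"
}

# Field helpers for a passwd(5) line such as "getent passwd ldapuser1" prints.
uid_of()      { printf '%s\n' "$1" | cut -d: -f3; }
home_dir_of() { printf '%s\n' "$1" | cut -d: -f6; }

# Reads /etc/nslcd.conf on stdin. Succeeds only if nslcd reaches the server
# over StartTLS or ldaps and certificate checking is not switched off.
nslcd_tls_ok() {
  conf=$(cat)
  encrypted=1
  printf '%s\n' "$conf" | grep -Eq '^ssl[[:space:]]+start_tls' && encrypted=0
  printf '%s\n' "$conf" | grep -Eq '^uri[[:space:]]+ldaps://' && encrypted=0
  [ "$encrypted" -eq 0 ] || return 1
  if printf '%s\n' "$conf" | grep -Eq '^tls_reqcert[[:space:]]+(never|allow)'; then
    return 1
  fi
  return 0
}

# Constructed nslcd.conf fragments for the check.
SAMPLE_TLS='uri ldap://ldapserver.nehraclasses.com
base dc=nehraclasses,dc=com
ssl start_tls
tls_cacertdir /etc/openldap/cacerts'
SAMPLE_PLAIN='uri ldap://ldapserver.nehraclasses.com
base dc=nehraclasses,dc=com'
SAMPLE_NOVERIFY='uri ldaps://ldapserver.nehraclasses.com
base dc=nehraclasses,dc=com
tls_reqcert never'

apply() {
  yum -y install openldap-clients nss-pam-ldapd nfs-utils
  mkdir -p "$CACERT_DIR"
  install -m 644 "$SERVER_CERT" "$CACERT_DIR/"
  cacertdir_rehash "$CACERT_DIR"          # hash links so libldap finds the cert
  eval "$(authconfig_cmd)"
  nslcd_tls_ok < /etc/nslcd.conf || {
    echo "nslcd.conf would send passwords in cleartext or skip certificate checks" >&2
    return 1
  }
  systemctl restart nslcd
  mountpoint -q /home || mount "$LDAP_SERVER:/home" /home
  line=$(getent passwd ldapuser1) || { echo "ldapuser1 not resolved via LDAP" >&2; return 1; }
  echo "ldapuser1: uid=$(uid_of "$line") home=$(home_dir_of "$line")"
  [ -d "$(home_dir_of "$line")" ] || { echo "home directory missing on the NFS mount" >&2; return 1; }
}

if [ "${1:-}" = "apply" ]; then
  apply
else
  authconfig_cmd
  printf '%s\n' "$SAMPLE_TLS"      | nslcd_tls_ok && echo "# sample with start_tls: ok"
  printf '%s\n' "$SAMPLE_PLAIN"    | nslcd_tls_ok || echo "# plain ldap:// sample: rejected"
  printf '%s\n' "$SAMPLE_NOVERIFY" | nslcd_tls_ok || echo "# tls_reqcert never sample: rejected"
fi
```

The nslcd.conf check is the part worth keeping around: authconfig rewrites the file on every --update, and a later run without --enableldaptls silently drops back to a cleartext simple bind.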
You have successfully configured an LDAP server and an LDAP client in RHEL 7.
