
Fedora 9: Installing and configuring an LDAP server for an address book

24 Jul

Steps to set up an OpenLDAP server for an address book

1. Install the OpenLDAP server:

  • yum install openldap-servers

2. Also install the OpenLDAP client, which is used to search, create, modify, and delete entries in the LDAP server

  • yum install openldap-clients

3. Generate a password hash using:

  • slappasswd
  • New password:
  • Re-enter new password:
  • {SSHA}QmEGWu/+Qz5Edt2YYpU05fDLdLa6Y59g

Copy the output and paste it into the configuration file.

4. Add to the configuration file /etc/openldap/ldap.conf

  • URI ldap://127.0.0.1:389/
  • BASE dc=pondoklukman,dc=com

5. Also add to the configuration file /etc/openldap/slapd.conf

include   /etc/openldap/schema/corba.schema
include   /etc/openldap/schema/core.schema
include   /etc/openldap/schema/cosine.schema
include   /etc/openldap/schema/duaconf.schema
include   /etc/openldap/schema/dyngroup.schema
include   /etc/openldap/schema/inetorgperson.schema
include   /etc/openldap/schema/java.schema
include   /etc/openldap/schema/misc.schema
include   /etc/openldap/schema/nis.schema
include   /etc/openldap/schema/openldap.schema
include   /etc/openldap/schema/ppolicy.schema
include   /etc/openldap/schema/collective.schema

allow bind_v2

pidfile   /var/run/openldap/slapd.pid
argsfile  /var/run/openldap/slapd.args

# Minimum security strength factors (SSF). A plain ldap:// connection has SSF 0,
# so while this line is active, binds and updates are refused unless the
# connection is protected, e.g. with TLS.
security ssf=1 update_ssf=112 simple_bind=64

database  bdb
suffix    "dc=pondoklukman,dc=com"
checkpoint  1024 15
rootdn    "cn=Manager,dc=pondoklukman,dc=com"
# hashed password from step 3, including its {SSHA} scheme prefix
rootpw    {SSHA}QmEGWu/+Qz5Edt2YYpU05fDLdLa6Y59g
# or, in cleartext (use only one rootpw line):
# rootpw  B3l4J4r

directory /var/lib/ldap

index objectClass eq,pres

database monitor

# "by" clauses are continuation lines and must be indented
access to *
    by dn.exact="cn=Manager,dc=pondoklukman,dc=com" read
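The {SSHA} value produced in step 3 and the rootpw directive in step 5, as an added example that is not part of the original post: it builds and verifies a salted SHA-1 value in the layout slappasswd uses by default, and reports which rootpw lines slapd would compare as cleartext because they carry no {SCHEME} prefix. The function names and the sample password are assumptions made for this illustration.

```python
import base64, hashlib, hmac, os, re

# Constructed sample: the hash string from step 3, once bare and once with its scheme prefix.
SAMPLE_CONF = '''rootdn "cn=Manager,dc=pondoklukman,dc=com"
rootpw QmEGWu/+Qz5Edt2YYpU05fDLdLa6Y59g
rootpw {SSHA}QmEGWu/+Qz5Edt2YYpU05fDLdLa6Y59g
'''

def ssha_hash(password, salt=None):
    """{SSHA} value: base64(SHA1(password + salt) + salt), 4-byte random salt by default."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def ssha_parts(value):
    """Split a {SSHA} value into (digest, salt); SHA-1 digests are always 20 bytes."""
    if not value.startswith("{SSHA}"):
        raise ValueError("not an {SSHA} value")
    raw = base64.b64decode(value[len("{SSHA}"):], validate=True)
    if len(raw) <= 20:
        raise ValueError("too short to hold a digest and a salt")
    return raw[:20], raw[20:]

def ssha_verify(password, value):
    """Recompute the salted digest and compare in constant time."""
    digest, salt = ssha_parts(value)
    candidate = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(candidate, digest)

def audit_rootpw(conf_text):
    """Return (line number, scheme) per rootpw directive; no {SCHEME} prefix means cleartext."""
    findings = []
    for number, line in enumerate(conf_text.splitlines(), 1):
        directive = re.match(r"rootpw\s+(\S+)", line)
        if directive:
            scheme = re.match(r"\{([A-Za-z0-9-]+)\}", directive.group(1))
            findings.append((number, scheme.group(1).upper() if scheme else "cleartext"))
    return findings

if __name__ == "__main__":
    for number, scheme in audit_rootpw(SAMPLE_CONF):
        print(f"line {number}: rootpw stored as {scheme}")
    stored = ssha_hash("constructed-example-password")
    print(stored, ssha_verify("constructed-example-password", stored))
```
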

6. Create the base DN

  • Create the file pondoklukman.ldif
dn: dc=pondoklukman,dc=com
objectclass: dcObject
objectclass: organization
o: OpenLDAP
dc: pondoklukman

dn: cn=Manager,dc=pondoklukman,dc=com
objectclass: organizationalRole
cn: Manager
  • Import it into LDAP
  • ldapadd -x -c -r -D "cn=Manager,dc=pondoklukman,dc=com" -w B3l4J4r -f pondoklukman.ldif

7. Copy the OpenLDAP DB configuration file

  • cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG

8. Start the OpenLDAP server

  • /etc/init.d/slapd start or service slapd start

At this point the LDAP server is running.

9. Add the address book base to the LDAP server

  • Create the file addressbook.ldif

dn: ou=addressbook,dc=pondoklukman,dc=com
objectClass: organizationalUnit
objectClass: top
ou: addressbook

dn: cn=pondok,ou=addressbook,dc=pondoklukman,dc=com
objectClass: inetOrgPerson
objectClass: top
givenName: pondok
sn: pondok
cn: pondok
mail: pondok@pondoklukman.com

dn: cn=lukman,ou=addressbook,dc=pondoklukman,dc=com
objectClass: inetOrgPerson
objectClass: top
givenName: lukman
sn: lukman
cn: lukman
mail: lukman@pondoklukman.com

  • Import it into LDAP
  • ldapadd -x -c -r -D "cn=Manager,dc=pondoklukman,dc=com" -w B3l4J4r -f addressbook.ldif

10. Next, for the LDAP server to be accessible through a web site, phpldapadmin needs to be installed, provided that a web server/httpd is already installed.

  • yum install phpldapadmin

11. The phpldapadmin configuration is in /etc/phpldapadmin/config.php; change it as needed

$servers->newServer('ldap_pla');
$servers->setValue('server','name','LDAP Server');
$servers->setValue('server','host','localhost');
$servers->setValue('server','port',389);
$servers->setValue('server','base',array('ou=addressbook,dc=pondoklukman,dc=com'));
$servers->setValue('login','auth_type','session');
$servers->setValue('login','bind_id','cn=Manager,dc=pondoklukman,dc=com');
$servers->setValue('login','bind_pass','');
$servers->setValue('server','tls',false);

12. Restart the web server and the LDAP server

13. Access it with a browser at

or

14. Log in with the user and password that were configured, or as Anonymous
Login LDAP Server via phpldapadmin

 
Posted by on 24 July, 2009 in Linux

 
