First we will install OpenLDAP by running the command as root:
apt-get install slapd ldap-utils ldapscripts
The first command installs the OpenLDAP server (slapd is acronym for Stand-alone LDAP Daemon), and we also install ldap-utils (Some tools for working with the ldap)
Now that OpenLDAP is installed, we want to configure it. The easiest way is to run the command:
dpkg-reconfigure slapd
Now that OpenLDAP is installed and configured, we will install GOsa by running the command under:
apt-get install gosa gosa-schema
The GOsa schema files are for the old way of doing things in OpenLDAP, (Earlier a file called slapd.conf was used for config, but is now depricated) and we need to convert them to the new format.
First create a file /etc/ldap/convert.conf in your favorite text editor (nano/vi/vim to give you some examples)
Paste the content shown under into this file, and save it.
include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/gosa/samba3.schemainclude /etc/ldap/schema/gosa/gofon.schemainclude /etc/ldap/schema/gosa/gosystem.schemainclude /etc/ldap/schema/gosa/goto.schemainclude /etc/ldap/schema/gosa/gosa-samba3.schemainclude /etc/ldap/schema/gosa/gofax.schemainclude /etc/ldap/schema/gosa/goserver.schemainclude /etc/ldap/schema/gosa/goto-mime.schemainclude /etc/ldap/schema/gosa/trust.schema
Now that you have created that file (We list it as the old format OpenLDAP used), we need to convert it to the new format. Create a temporary directory by typing the command:
mkdir /tmp/ldapconvert
Convert the conf file we created by running the command:
slaptest -f /etc/ldap/convert.conf -F /tmp/ldapconvert
You should get the result: config file testing succeeded
Now there have been created some files in the folder /tmp/ldapconvert. We are interested in the schema files.
Copy the schema files by running the command:
cp -p /tmp/ldapconvert/cn\=config/cn\=schema/* /etc/ldap/slapd.d/cn\=config/cn\=schema/
Now we need to change the ownership on all the files in the ldap folder by running the command under:
chown -R openldap:openldap /etc/ldap/slapd.d/
service slapd restart
Your OpenLDAP installation is now complete!
GOsa was installed in the start of the guide, so all you need to do is to open your webbrowser an go to the pc/server address with /gosa behind it. Example http://localhost/gosa
————————————————————————————————————————————
LDAP connection
- Location name Specify a name for the location you are configuring here.
- Connection URL The ldap connection url e.g.
- TLS connection Set this option to 'Yes', if you want to use a secure ldap connection. If this is option is enabled, be sure that your ldap server is configured to support it.
- Base Specify the base of your ldap server here e.g. dc=company,dc=de
Authentication
- Admin DN Enter the ldap admin dn here, if you prefer you can use the 'Automatically append LDAP base to admin DN' option to minimize input. eg. cn=admin,dc=company,dc=de
- Admin password The ldap admin account password.
Schema based settings
- Use rfc2307bis compliant groups 来源: <>
just following the step and you will get it~