Linux Mail Server Setup and Howto Guide

This article will show you how to setup an LDAP address book using OpenLDAP, an open source implementation of the Lightweight Directory Access Protocol.

Installing OpenLDAP

The command line equivalent of the steps below is yum install openldap-servers openldap-clients.

1. Click Applications then click Add/Remove Software. This will launch the Package Manager window.

2. Click the Search tab. Next type in openldap and click the Search button.

3. Select the latest version of openldap-servers and openldap-clients then click Apply. Next click on Continue until it proceeds with the installation.

4. After installation, click Ok. You now have successfully installed the OpenLDAP servers and clients.

Configuring OpenLDAP

The example below uses acme.local as the base domain.

1. Edit the file /etc/openldap/slapd.conf.

suffix "dc=acme,dc=local"
rootdn "cn=manager,dc=acme,dc=local"
rootpw password

To avoid storing the password in plain-text, convert the password to a hash by using the command slappasswd -s password and paste the resulting hash into the file.

2. Copy the file /etc/openldap/DB_CONFIG.example and put it into /var/lib/ldap as DB_CONFIG.

3. Start the ldap service. Learn how to start services here.

4. Create a file named base.ldif containing the lines below and save it into your home directory.

dn: dc=acme,dc=local
dc: acme
objectClass: domain

5. Import base.ldif into your directory using the command below.

ldapadd -x -D "cn=manager,dc=acme,dc=local" -w password -f ~/base.ldif

Replace password with the root password you specified in slapd.conf.

To populate your directory, create a file similar to the one below and import it using ldapadd or better yet, use a GUI tool like JXplorer, a Java based LDAP browser.

dn: ou=People,dc=acme,dc=local
ou: People
objectClass: organizationalUnit

dn: uid=bugsbunny,ou=People,dc=acme,dc=local
uid: bugsbunny
cn: Bugs Bunny
displayName: Bugs Bunny
givenName: Bugs
sn: Bunny
objectClass: inetOrgPerson
userPassword: password
mail: bugsbunny@acme.local

The displayName attribute is required for Outlook addressbook users.

Related Pages

Active Directory/LDAP virtual users in Postfix and Dovecot.

Visit the forum to ask for help or to give a comment.

***
Posted on 4/19/2008 and last updated on 11/7/2009
Filed under CentOS 5 , LDAP , Red Hat Enterprise Linux 5

• E-mail
• Delicious
• Digg
• Google Bookmarks
• Add To Any

 

12 Responses to “OpenLDAP Setup Howto for RHEL/CentOS 5”

1. aKBaR:
   November 18th, 2008 at 6:18 am

   in the line of step Configuration openLDAP, there is:

   2. Copy the file /etc/openldap/DB_CONFIG.example and put it into /var/lib/ldap as DB_CONFIG.

   but i can’t find file DB_CONFIG.example, in the /etc/openldap/ there is have just a 2 files, ldap.conf n’ slapd.conf, would u telling me where i can find the file DB_CONFIG.example

   well consultant help me ASAP!

2. consultant:
   November 18th, 2008 at 9:25 am

   Hi aKBaR,

   I have DB_CONFIG.example in my setup. Are you using RHEL/CentOS 5?

3. aKBaR:
   November 18th, 2008 at 9:49 am

   nope… i’m using Fedora core 9
   so what should i do, if there’s no DB_CONFIG.example on my setup? please guide me, b’coz i’m a newer on linux FC9.

4. consultant:
   November 18th, 2008 at 10:34 am

   See this site for creating DB_CONFIG http://www.openldap.org/faq/data/cache/1072.html

5. Cynewave:
   November 26th, 2008 at 7:13 am

   If you only have the 2 config files, check to make sure you have openldap-servers installed. You most likely have only the client installed…

6. Arsky:
   December 25th, 2008 at 10:22 pm

   @aKBaR

   The latest F9 openldap-servers package comes with DB_CONFIG.example in /usr/share/doc/openldap-servers-2.4.10/DB_CONFIG.example. Check your package version for similar path.

7. lalit:
   August 14th, 2009 at 2:53 am

   when i try to add user it shows me this error
   it’s add only one user and when i try to second user it gives me this error
   Enter LDAP Password:
   adding new entry “uid=lalit kumar,ou=addressbook,dc=example,dc=com”
   ldap_add: Already exists (68)

8. consultant:
   August 15th, 2009 at 9:57 am

   Hi lalit,

   That means the uid lalit kumar already exists. To simplify managing OpenLDAP, I suggest you use JXplorer. You will need the Java Runtime Environment to use it.

9. Lalit:
   August 18th, 2009 at 1:07 am

   Hi Sir,
   can u tell me the way to configure jexplorer in rhel 5.0

10. consultant:
    August 21st, 2009 at 5:03 pm

    Hi Lalit,

    See How to Setup JXplorer

11. Lalit:
    August 21st, 2009 at 9:39 pm

    Hi Sir,
    I’m getting below error

    ./jxplorer.sh
    starting JXplorer…
    Use “jxstart.sh console” if you want logging to the console

    =========================
    JXplorer failed to start
    =========================
    Please ensure that you have appropriate “xhost” access to the machine you are
    running this from. Make sure the DISPLAY environment variable is set correctly.
    Otherwise, ask your Unix Systems Administrator for more information on running
    X Windows applications.

    If you require more information run “./jxplorer.sh console” and check the
    error produced.

12. consultant:
    August 22nd, 2009 at 6:45 am

    Hi Lalit,

    1. Make sure you are in /opt/jxplorer directory which I think you are

    2. Make sure you are at the server GUI console, the program requires X-Windows

    3. If you really need to work on it remotely use VNC

    4. If none of the above work, try ./jxplorer.sh console to see the error