Configuring slapd on Ubuntu Server


apt-get install slapd ldap-utils

Now reconfigure the default schema

dpkg-reconfigure slapd

Set up groups


dn: ou=People,dc=batc,dc=tv
objectClass: organizationalUnit
ou: People

dn: ou=Groups,dc=batc,dc=tv
objectClass: organizationalUnit
ou: Groups

dn: cn=cloud-users,ou=Groups,dc=batc,dc=tv
objectClass: groupOfNames
cn: cloud-users

dn: cn=streamer-users,ou=Groups,dc=batc,dc=tv
objectClass: groupOfNames
cn: streamer-users

Add as admin

ldapadd -x -D cn=admin,dc=batc,dc=tv -W -f groups.ldif

New User


dn: uid=joe,ou=People,dc=batc,dc=tv
objectClass: inetOrgPerson
objectClass: shadowAccount
uid: joe
sn: Bloggs
givenName: Joe
cn: Joe Bloggs
displayName: John Bloggs
userPassword: joeldap

Add as admin

ldapadd -x -D cn=admin,dc=batc,dc=tv -W -f user.ldif

Test Password Auth

ldapwhoami -vvv -x -w "joeldap" -D "uid=joe,ou=People,dc=batc,dc=tv"

Delete Entry

ldapdelete -x -W -D "cn=admin,dc=batc,dc=tv" "uid=adam,ou=users,dc=batc,dc=tv"

Add User to Group


dn: cn=streamer-users,ou=groups,dc=batc,dc=tv
changetype: modify
add: member
member: uid=joe,ou=People,dc=batc,dc=tv

Modify as admin

ldapmodify -x -W -D "cn=admin,dc=batc,dc=tv" -f addtogroup.ldif


Malformed LDIF File

ldapadd: attributeDescription "dn": (possible missing newline after line 9, entry "ou=People,dc=batc,dc=tv"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 10, entry "ou=People,dc=batc,dc=tv"?)
ldapadd: attributeDescription "dn": (possible missing newline after line 11, entry "ou=People,dc=batc,dc=tv"?)

This can mean that the LDIF file is malformed. In my case, copying and pasting from this page had inserted space characters on the blank newlines. Removing these solved the issue.

Cannot create empty group

ldap_add: Object class violation (65)
	additional info: object class 'groupOfNames' requires attribute 'member'

According to the RFC spec, a groupOfNames must contain at least one member. I worked around this by adding a 'blank' user to the group definition.

member: uid=people_placeholder,ou=People,dc=batc,dc=tv

This could be a security hole - will investigate removal after group population.
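
An added example (not part of the original page): a small Python check for the two failure modes above, to run over an LDIF file of new entries before ldapadd. It flags whitespace-only lines (LDIF reads a line starting with a space as a continuation of the previous line, so it does not end the entry), a dn: that is not preceded by an empty line, and groupOfNames entries with no member; lint_ldif and SAMPLE are names made up for this example.

```python
def lint_ldif(text):
    """Return (line_number, message) findings for an LDIF file of new entries."""
    findings, entry = [], None   # entry: state of the entry currently being read
    def close_entry():
        nonlocal entry
        if entry and entry["group"] and not entry["member"]:
            findings.append((entry["line"], "groupOfNames entry has no member"))
        entry = None
    for no, line in enumerate(text.splitlines(), 1):
        if line == "":
            close_entry()        # only a truly empty line ends an entry
        elif line.strip() == "":
            # LDIF reads a leading space as a continuation, not a separator.
            findings.append((no, "whitespace-only line does not separate entries"))
        elif line[0] in "# ":
            pass                 # comment or folded continuation line
        else:
            # Attribute names and objectClass values are case-insensitive.
            attr, _, value = line.lower().partition(":")
            if attr == "dn":
                if entry:
                    findings.append((no, "dn: without an empty line before it"))
                    close_entry()
                entry = {"line": no, "group": False, "member": False}
            elif entry and attr == "objectclass" and value.strip() == "groupofnames":
                entry["group"] = True
            elif entry and attr == "member":
                entry["member"] = True
    close_entry()
    return findings

# Constructed sample: line 4 holds a single space, cloud-users has no member.
SAMPLE = "\n".join([
    "dn: ou=Groups,dc=batc,dc=tv",
    "objectClass: organizationalUnit",
    "ou: Groups",
    " ",
    "dn: cn=cloud-users,ou=Groups,dc=batc,dc=tv",
    "objectClass: groupOfNames",
    "cn: cloud-users",
    "",
    "dn: cn=streamer-users,ou=Groups,dc=batc,dc=tv",
    "objectClass: groupOfNames",
    "cn: streamer-users",
    "member: uid=joe,ou=People,dc=batc,dc=tv",
])

if __name__ == "__main__":
    for no, message in lint_ldif(SAMPLE):
        print(f"line {no}: {message}")
```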