LDAP Tools/OpenLDAP HowTo

From Authentication Tools for Joomla! (JAuthTools)

Revision as of 13:26, 25 May 2007 by Pasamio (Talk | contribs)

Note: This article is incomplete, and is perhaps still being written. Check back later for more information.

This is a step-by-step guide to getting OpenLDAP installed and running as an authentication source for Joomla!.

OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) which is often bundled with many Linux distributions. In this case we'll be using the Debian Etch distribution to install and configure OpenLDAP. Apologies for anything that might be specific to Debian.

Note: Mac OS X requires a lot of extra instructions. If you are compiling from source, you will most likely have to complete similar, if not the same, tasks. Keep in mind that if you compile from source, the location of your configuration directory is up to you.

Platform Installation Notes:

  • Debian - Configuration directory at /etc/ldap
  • Mac OS X - Configuration directory at /sw/etc/openldap


Once you've got slapd installed the configuration fun begins. In the configuration directory, open up the slapd.conf file. You will need to be root to do this. By default it should have a few things like this:

Debian:

# Schema and objectClass definitions
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema

Mac OS X: (Note: You will need to alter your slapd.conf file to add the cosine and inetorgperson entries)

include         /sw/etc/openldap/schema/core.schema
include         /sw/etc/openldap/schema/cosine.schema
include         /sw/etc/openldap/schema/inetorgperson.schema

Progressing through the file we see some settings; what we're looking for is rootdn and suffix:

suffix                "dc=joomla,dc=org"
rootdn                "cn=admin,dc=joomla,dc=org"

Mac OS X will have them together. If you used Debian, some preconfiguration will have occurred already.

Your suffix is what's often called the Base DN; it's where your LDAP tree starts. Your root DN is typically the super user for LDAP. Finally there will also be a rootpw entry, which in the case of Mac OS X defaults to secret. Debian asks for this password during install. You should probably change this.
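
One way to check and replace the rootpw value described above, as an added example that is not part of the original article or of JAuthTools. It goes slightly beyond the text by storing the password as a salted {SSHA} hash, a format slapd accepts for rootpw; the sample config, function names and replacement passphrase are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os
import re

# Constructed sample resembling the Mac OS X defaults described above.
SAMPLE_CONF = '''\
include         /sw/etc/openldap/schema/core.schema
suffix          "dc=joomla,dc=org"
rootdn          "cn=admin,dc=joomla,dc=org"
rootpw          secret
'''

ROOTPW = re.compile(r'^(rootpw[ \t]+)(.+?)[ \t]*$', re.M | re.I)
SCHEME = re.compile(r'^\{[A-Za-z0-9-]+\}')   # e.g. {SSHA}, {CRYPT}

def ssha(password, salt=None):
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")

def check_ssha(password, stored):
    """Verify a password against a stored {SSHA} value."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]          # SHA-1 digests are 20 bytes
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)

def audit_rootpw(text):
    """Return findings about the rootpw directive in slapd.conf text."""
    m = ROOTPW.search(text)
    if m is None:
        return []
    value = m.group(2).strip('"')
    findings = []
    if not SCHEME.match(value):
        findings.append("rootpw is stored in cleartext")
    if value == "secret":
        findings.append("rootpw is the default value 'secret'")
    return findings

def replace_rootpw(text, new_password):
    """Return the config text with rootpw replaced by an {SSHA} hash."""
    return ROOTPW.sub(lambda m: m.group(1) + ssha(new_password), text)

if __name__ == "__main__":
    print(audit_rootpw(SAMPLE_CONF))
    print(replace_rootpw(SAMPLE_CONF, "constructed-passphrase"))
```

OpenLDAP also ships the slappasswd utility, which generates this kind of value for pasting into slapd.conf.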

Now that we have our base setup fixed we can consider connecting to our LDAP server.

Again, Debian has already configured and started the server (which is very kind of it) but we get no such luck with Mac OS X.


Sources

Setting up slapd on Mac OS X - A blog entry useful for getting me started on Mac OS X

LDAP authentication howto for Debian Sarge - one of the original documents I read on setting up OpenLDAP originally.
