A quick rundown on setting up OpenLDAP for contacts

EPKPhoto — 9 July 2007 - 10:35pm

Steps used to set up an OpenLDAP server on KerbsFedora (based on the walkthrough at http://www.linux.com/articles/114010 ):

sudo yum install openldap-servers openldap-clients

Generate the admin user's password (enter it twice when asked):
/usr/sbin/slappasswd

Edit /etc/openldap/slapd.conf:
(most comments trimmed)
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema

pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args

########################################
# ldbm and/or bdb database definitions
########################################

database bdb
suffix "dc=kerbyserver,dc=net"
rootdn "cn=epkadmin,dc=kerbyserver,dc=net"
# hashed password from slappasswd:
rootpw {crypt}BlahBlah3m,vc023+sv-2

directory /var/lib/ldap

# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub

Start the server:
sudo /etc/init.d/ldap start

Create file, directory_def.ldif:
dn: dc=kerbyserver,dc=net
objectclass: top
objectclass: dcObject
objectclass: organization
dc: kerbyserver
o: KerbyServer

dn: ou=personal,dc=kerbyserver,dc=net
objectclass: top
objectclass: organizationalUnit
ou: personal
description: Personal Addressbook

Create file, mycontacts.ldif:
dn: cn=Test Person,dc=kerbyserver,dc=net
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
givenName: Test
sn: Person
cn: Test Person
mail: test@epkphoto.com

Add those entries with:
ldapadd -xv -D "cn=epkadmin,dc=kerbyserver,dc=net" -f directory_def.ldif -W
ldapadd -xv -D "cn=epkadmin,dc=kerbyserver,dc=net" -f mycontacts.ldif -W

To query this server in Apple's Address Book, after opening port 389, of course, use the following settings:
Name: whatever
Server: kerbyserver.net
Search Base: dc=kerbyserver,dc=net
Port: 389
Use SSL: unchecked
Scope: Subtree
Authentication: left blank and type set to None

Now I need to find a good way to import all my Address Book contacts, set up authentication so this isn't open to the public, and make the directory easily editable in the future.
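
As configured above, the server answers anonymous queries in cleartext on port 389. The following is an added example, not part of the original post: a shell function that checks a slapd.conf for those gaps, run against the post's database section and a hardened variant. The certificate paths, the `security simple_bind=128` minimum, the two ACL lines and the `{SSHA}` value in the hardened sample are assumptions and placeholders, not the author's configuration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a slapd.conf for the
# exposure the post leaves open. Prints one line per finding.
audit_slapd_conf() {
    conf=$1
    # No "access to" rule: slapd falls back to "access to * by * read".
    grep -Eiq '^[[:space:]]*access[[:space:]]+to[[:space:]]' "$conf" ||
        echo "acl: no access rules, anonymous clients can read every entry"
    # No server certificate: neither StartTLS nor ldaps:// can be offered.
    grep -Eiq '^[[:space:]]*TLSCertificateFile[[:space:]]' "$conf" ||
        echo "tls: no TLSCertificateFile, binds and results travel in clear"
    # No "security" minimum: simple binds are accepted on cleartext port 389.
    grep -Eiq '^[[:space:]]*security[[:space:]].*(ssf|simple_bind|tls)=' "$conf" ||
        echo "ssf: no security directive, passwords accepted without TLS"
    # rootpw stored in clear or as {crypt} instead of slappasswd's default {SSHA}.
    if grep -Eiq '^[[:space:]]*rootpw[[:space:]]+(\{crypt\}|[^{[:space:]])' "$conf"; then
        echo "rootpw: cleartext or {crypt} value, regenerate with slappasswd"
    fi
    return 0
}

# Constructed sample 1: the database section as configured in the post.
POST_CONF=$(mktemp)
cat > "$POST_CONF" <<'EOF'
database bdb
suffix "dc=kerbyserver,dc=net"
rootdn "cn=epkadmin,dc=kerbyserver,dc=net"
rootpw {crypt}BlahBlah3m,vc023+sv-2
EOF

# Constructed sample 2: same database with assumed hardening; the certificate
# paths and the {SSHA} value are placeholders.
HARDENED_CONF=$(mktemp)
cat > "$HARDENED_CONF" <<'EOF'
TLSCertificateFile /etc/openldap/PLACEHOLDER-cert.pem
TLSCertificateKeyFile /etc/openldap/PLACEHOLDER-key.pem
security simple_bind=128
database bdb
suffix "dc=kerbyserver,dc=net"
rootdn "cn=epkadmin,dc=kerbyserver,dc=net"
rootpw {SSHA}PLACEHOLDER
access to attrs=userPassword by self write by anonymous auth by * none
access to * by users read by * none
EOF

audit_slapd_conf "$POST_CONF"
audit_slapd_conf "$HARDENED_CONF"
```

With the hardened ACLs in place, the Address Book client has to bind as a directory user over SSL/TLS instead of using Authentication: None.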

Content © Eric Kerby