📜  centos 7 openldap install - Shell-Bash (1)

📅  Last modified: 2023-12-03 14:59:54.500000             🧑  Author: Mango

CentOS 7 OpenLDAP Install Guide

OpenLDAP is an open source implementation of the LDAP protocol used for directory services. This guide will walk you through a step-by-step process for installing OpenLDAP on CentOS 7.

Prerequisites

Before proceeding with the installation, make sure that your CentOS 7 system is up-to-date and that you have root access. You will also need to allocate enough disk space for your directory service.

Step 1: Install OpenLDAP

To install OpenLDAP, you need to first enable the EPEL repository by running the following commands:

sudo yum install epel-release
sudo yum update

Next, install OpenLDAP:

sudo yum install openldap-servers openldap-clients

Step 2: Configure the LDAP Server

Once OpenLDAP is installed, you need to configure the server. First, create a configuration file for the server:

sudo nano /etc/openldap/slapd.conf

In this file, you will define the database backend that your OpenLDAP server will use. Add the following lines to the end of the file:

database hdb
suffix "dc=my-domain,dc=com"
rootdn "cn=admin,dc=my-domain,dc=com"
rootpw {SSHA}Your_Password_Here

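Replace "Your_Password_Here" with the hash of a strong password, as generated by the slappasswd command in Step 3, not with the password itself. The slappasswd output already begins with {SSHA}, so paste it as the whole rootpw value without repeating the prefix.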

Save the file and exit.

Step 3: Populate the LDAP Database

Now you need to create a database to use with OpenLDAP. First, generate the salted password hash that goes in the rootpw and userPassword fields, using the following command:

sudo slappasswd -s Your_Password_Here

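Replace "Your_Password_Here" with a strong password. The command prints a string beginning with {SSHA}; that string is the hash to store. Because -s puts the password on the command line, it is recorded in shell history and visible in the process list while the command runs; running slappasswd with no options prompts for the password instead.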

Next, create an LDIF file that will populate the database:

sudo nano db.ldif

Add the following lines to the file:

dn: dc=my-domain,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: My Organization
dc: my-domain

dn: cn=admin,dc=my-domain,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
userPassword: {SSHA}Your_Password_Here
description: LDAP administrator

Again, replace "Your_Password_Here" with the slappasswd hash of a strong password, not the password itself.

Save the file and exit.
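
Before loading the file, it is worth checking that the rootpw value in slapd.conf and the userPassword value in db.ldif are real slappasswd hashes rather than the placeholder or a plaintext password. The script below is an added example, not part of the original guide: its function names are hypothetical, it assumes GNU coreutils (base64, sha1sum, head, tail, od), and the hash in its comment is a constructed test value.

```sh
#!/bin/sh
# Added example: checks that rootpw / userPassword values are real {SSHA}
# hashes, where {SSHA} = base64( SHA-1(password + salt) + salt ).
# Constructed test value: {SSHA}qZk+NkcGgWq6PiVxeFDCbJzQ2J1j is "ab", salt "c".
# ssha_wellformed VALUE: true if VALUE is "{SSHA}" plus base64 that decodes
# to a 20-byte SHA-1 digest followed by at least one salt byte.
ssha_wellformed() {
    prefix='{SSHA}'
    case $1 in
        "$prefix"?*) b64=${1#"$prefix"} ;;
        *) return 1 ;;
    esac
    printf '%s' "$b64" | base64 -d >/dev/null 2>&1 || return 1
    n=$(printf '%s' "$b64" | base64 -d | wc -c)
    [ "$((n))" -gt 20 ]
}

# ssha_verify VALUE PASSWORD: recompute SHA-1(PASSWORD + salt) and compare it
# with the stored digest ($b64 is set by ssha_wellformed).
ssha_verify() {
    ssha_wellformed "$1" || return 1
    stored=$(printf '%s' "$b64" | base64 -d | head -c 20 | od -An -tx1 | tr -d ' \n')
    computed=$({ printf '%s' "$2"; printf '%s' "$b64" | base64 -d | tail -c +21; } |
        sha1sum | cut -d' ' -f1)
    [ "$stored" = "$computed" ]
}

# lint_ldap_secrets FILE: print every rootpw (slapd.conf) or userPassword:
# (LDIF) line whose value is not a well-formed hash; status 1 if any found.
# Base64-encoded LDIF values ("userPassword::") are reported too.
lint_ldap_secrets() {
    bad=0
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            rootpw*) val=${line#rootpw} ;;
            userPassword:*) val=${line#userPassword:} ;;
            *) continue ;;
        esac
        val=$(printf '%s' "$val" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
        if ! ssha_wellformed "$val"; then
            printf 'not a hash: %s\n' "$line"
            bad=1
        fi
    done < "$1"
    return "$bad"
}

# Lint any files named on the command line, e.g. slapd.conf and db.ldif.
for f in "$@"; do lint_ldap_secrets "$f" || exit 1; done
```

The well-formedness check is a heuristic: a long plaintext value that happens to be valid base64 would pass it, so ssha_verify with the intended password is the stronger test.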

Now populate the database using the following command:

sudo ldapadd -x -W -D "cn=admin,dc=my-domain,dc=com" -f db.ldif

Enter the password you set for the LDAP administrator when prompted.

Step 4: Configure Firewall

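If you have a firewall enabled on your CentOS 7 system, you will need to allow incoming LDAP connections. Use the following commands to add a rule allowing LDAP connections and reload the firewall. The ldap service opens TCP port 389, and traffic on that port, including the password sent by a simple bind (-x), is unencrypted unless StartTLS is configured.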

sudo firewall-cmd --add-service=ldap --permanent
sudo firewall-cmd --reload

Step 5: Start OpenLDAP

Finally, start the OpenLDAP server and enable it at boot using the following commands:

sudo systemctl start slapd
sudo systemctl enable slapd

Conclusion

You should now have a working OpenLDAP server running on your CentOS 7 system. By following this guide, you have learned how to install and configure OpenLDAP, populate its database, and set up appropriate firewall rules.