
How to Install LDAP and phpLDAPadmin on CentOS

This guide walks through disabling SELinux and the firewall, installing and configuring OpenLDAP server, setting up the phpLDAPadmin web console, adjusting Apache and phpLDAPadmin settings, and testing the LDAP service on a CentOS system.

DevOps Cloud Academy

1. Install LDAP

Reference document: https://www.cnblogs.com/mascot1/p/10498392.html

1.1 Prerequisites

# Disable SELinux
vim /etc/sysconfig/selinux   # set SELINUX=disabled
setenforce 0
# Stop and disable the firewall
systemctl stop firewalld
systemctl disable firewalld

1.2 Install LDAP

# Install the LDAP tools
yum install -y openldap-servers openldap-clients migrationtools
slappasswd   # enter a password when prompted; the command returns the hashed password string, so save it
# Configure the database cache
cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
chown -R ldap:ldap /var/lib/ldap/
# Test the configuration file
slaptest -u  # "config file testing succeeded" in the output means the check passed
# Start LDAP
systemctl start slapd.service
systemctl enable slapd.service
# Import the schema templates
ls /etc/openldap/schema/*.ldif | xargs -I {} sudo ldapadd -Y EXTERNAL -H ldapi:/// -f {}

2. Install LDAP Console

2.1 Prerequisites

# Install Apache
yum -y install httpd
# Modify the configuration file
vim /etc/httpd/conf/httpd.conf # set AllowOverride all
# Start the service and test it
systemctl start httpd
systemctl enable httpd
curl 127.0.0.1

2.2 Install phpLDAPadmin

# Install phpLDAPadmin
cat /etc/yum.repos.d/epel.repo
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/epel/7Server/x86_64/
enabled=1
gpgcheck=0


yum install phpldapadmin
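
The [epel] definition above sets gpgcheck=0, so yum installs phpldapadmin without verifying package signatures. The check below is an added example, not part of the original guide: it scans a .repo file and reports every enabled section that has gpgcheck=0. The function names and the [signed-example] and [disabled-example] sections are constructed for illustration.

```shell
# Added example (not from the guide). audit_repo FILE: one finding per enabled section with gpgcheck=0; status 1 if any.
audit_repo() {
    awk '
        function report() {   # yum enables a section unless enabled=0 is set
            if (section != "" && enabled != "0" && gpgcheck == "0") {
                printf "%s: gpgcheck=0, unsigned packages accepted from %s\n", section, baseurl
                found = 1
            }
        }
        /^[ \t]*$/ || /^[ \t]*[#;]/ { next }      # blank lines and comments
        /^[ \t]*\[/ {                             # start of a new [section]
            report()
            section = $0; gsub(/^[ \t]*\[|\].*$/, "", section)
            enabled = ""; gpgcheck = ""; baseurl = ""
            next
        }
        {
            pos = index($0, "=")                  # split key=value at first "="
            if (pos == 0) next
            key = substr($0, 1, pos - 1); val = substr($0, pos + 1)
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "enabled") enabled = val
            else if (key == "gpgcheck") gpgcheck = val
            else if (key == "baseurl") baseurl = val
        }
        END { report(); exit (found ? 1 : 0) }
    ' "$1"
}

# write_sample_repo FILE: the guide's [epel] section plus two constructed ones.
write_sample_repo() {
    cat > "$1" <<'EOF'
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/epel/7Server/x86_64/
enabled=1
gpgcheck=0
[signed-example]
baseurl=https://repo.example.invalid/el7/
enabled=1
gpgcheck=1
[disabled-example]
enabled=0
gpgcheck=0
EOF
}
repo=$(mktemp) && write_sample_repo "$repo"
audit_repo "$repo" || echo "signature checking is off in the sections above"
rm -f "$repo"
```

Run `audit_repo /etc/yum.repos.d/epel.repo` before `yum install`; the finding clears once the section sets gpgcheck=1 and gpgkey points at the repository's signing key.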

2.3 Modify Configuration Files

# Modify the configuration file
vim /etc/phpldapadmin/config.php
$servers->setValue('server','host','127.0.0.1');
$servers->setValue('server','port',389);
$servers->setValue('server','base',array('dc=my-domain,dc=com'));
$servers->setValue('login','auth_type','session');
$servers->setValue('login','attr','dn');

// $servers->setValue('login','attr','uid');   # comment out this line

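# Modify the httpd configuration file
vim /etc/httpd/conf.d/phpldapadmin.conf
Alias /phpldapadmin /usr/share/phpldapadmin/htdocs
Alias /ldapadmin /usr/share/phpldapadmin/htdocs
<Directory /usr/share/phpldapadmin/htdocs>
  <IfModule mod_authz_core.c>
    # Apache 2.4
    Require local
    Require ip 192.168.0
  </IfModule>
  <IfModule !mod_authz_core.c>
    # Apache 2.2
    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1
    Allow from ::1
  </IfModule>
</Directory>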
# Create the base directory entry
vim /etc/openldap/base.ldif
dn: dc=my-domain,dc=com
o: ldap
objectclass: dcObject
objectclass: organization
dc: my-domain

2.4 Access Test

# Restart the httpd service
systemctl restart httpd
# Access test
http://192.168.0.41/phpldapadmin
