Easiest way to set up LDAP for dev testing
I'm a developer for a product that integrates with LDAP for authentication. I need to set up a directory that I can test against.
I'm not an expert with LDAP. To help ease the learning curve it'd be useful to have a real-world example directory.
Are there any resources that'll help me set up a demo directory, ready-to-go? A VMware appliance for example?
OpenDS is very easy to get running - just download the ZIP file and run the installer or use the Java web-start. The installer can populate the directory with test entries too if you want to see some example data.
Edit (2020): OpenDJ is the successor to OpenDS after Oracle closed it down, but I haven't tested it to see if it has the same easy installation with sample data. Give it a try.
I'd strongly recommend Apache Directory Studio as a good client to use to get familiar with how to browse, edit and manage data via LDAP.
Install Ubuntu Server Edition 8.10, boot it up and install OpenLDAP.
$ sudo apt-get install slapd ldap-utils
You can probably just accept the defaults if this is just for testing, so your domain will be dc=example,dc=com. The install wizard should ask you to set up your LDAP admin user; this user's DN should be cn=admin,dc=example,dc=com.
Then you'll need to add two organizational units, one for People, one for Groups. Create the file myldap.ldif and place into it this:
dn: ou=people,dc=example,dc=com
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=example,dc=com
objectClass: organizationalUnit
ou: groups
If LDAP is running, shut it down with /etc/init.d/slapd stop.
Use ldapadd to add the LDIF file to our LDAP database:
$ ldapadd -x -D cn=admin,dc=example,dc=com -W -f myldap.ldif
It will ask you for your password that you set during the install.
Fire LDAP back up with /etc/init.d/slapd start and then install Webmin:
$ sudo aptitude install perl libnet-ssleay-perl openssl \
libauthen-pam-perl libpam-runtime \
libio-pty-perl libmd5-perl
$ wget http://garr.dl.sourceforge.net/sourceforge/webadmin/webmin_1.441_all.deb
$ sudo dpkg -i webmin_1.441_all.deb
You can now navigate to your LDAP server's IP at port 10000 using the URL https://your-server-ip:10000/. Note you will be required to enter the root password for the computer at this login screen.
From here we need to configure Webmin to interact with our LDAP environment. Expand "System" and then select "LDAP Users and Groups." Click "Module Config" at the top of the page and find the following option and enter this custom data:
Base for users ou=People,dc=example,dc=com
Base for groups ou=Groups,dc=example,dc=com
Click save at the bottom. You will be returned to the previous screen where you can now add LDAP users and groups. This is now a functioning LDAP server. You can query it from the command line using ldapsearch:
Whole database:
$ ldapsearch -x -h <your-server-ip> -b "dc=example,dc=com"
User search:
$ ldapsearch -x -h <your-server-ip> -b "dc=example,dc=com" '(uid=blah)'
I did most of this from memory so you'll have to forgive me if I missed a couple steps. Enjoy.
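Test accounts for ou=people can also be generated as LDIF and loaded with the same ldapadd command, which gives the product under test something to authenticate against. This is an added example, not part of the original answer: the account names and passwords are constructed, and it assumes the inetOrgPerson schema is loaded and that slapd accepts {SSHA} userPassword values.

```python
import base64
import hashlib
import os
import re

BASE_DN = "dc=example,dc=com"  # default suffix from the answer above

def ssha(password, salt=None):
    """OpenLDAP {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")

def check_ssha(password, stored):
    """Recompute with the salt stored after the 20-byte SHA-1 digest."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    return ssha(password, raw[20:]) == stored

def ldif_line(attr, value):
    """RFC 2849: a value that is not a SAFE-STRING is written base64 ('::')."""
    safe = (value.isascii() and value.isprintable()
            and not value.startswith((" ", ":", "<")) and not value.endswith(" "))
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"

def user_entry(uid, given, surname, password):
    """One inetOrgPerson entry under the ou=people branch."""
    if not re.fullmatch(r"[a-z0-9._-]+", uid):  # keeps the DN free of RFC 4514 escapes
        raise ValueError(f"unsupported uid: {uid!r}")
    attrs = [
        ("dn", f"uid={uid},ou=people,{BASE_DN}"),
        ("objectClass", "inetOrgPerson"), ("uid", uid),
        ("cn", f"{given} {surname}"), ("sn", surname), ("givenName", given),
        ("userPassword", ssha(password)),
    ]
    return "\n".join(ldif_line(a, v) for a, v in attrs) + "\n"

# Constructed sample accounts for a throwaway test directory.
SAMPLE_USERS = [
    ("jdoe", "John", "Doe", "test-pass-1"),
    ("jmuller", "Jörg", "Müller", "test-pass-2"),
]

def build_ldif(users=SAMPLE_USERS):
    return "\n".join(user_entry(*u) for u in users)  # blank line between entries

if __name__ == "__main__":
    print(build_ldif(), end="")
```

Redirect the output to a file (for example users.ldif, a hypothetical name) and pass that file to ldapadd with -f in place of myldap.ldif.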