Introduction: Make Raspberry Pi Into an LDAP Server to Store User Account Data and Password

About: Systems Administrator and Software Programmer.

Introduction

An LDAP server provides the following benefits:

  • Authenticates all the users of the Raspberry Pis and computers in your network
  • Stores files that are stored in the /etc directory
  • Stores contact details that can be useful for email clients

My personal reason for running an LDAP server is to have one central point of authentication. After completing this tutorial, you might be interested in reading the "Make Raspberry Pi do LDAP Authentication" instructable.

Scope

This instructable will show how to:

  • Install OpenLDAP Server
  • Configure OpenLDAP Server
  • Load LDAP database with user account and password
  • Run OpenLDAP Server Test

This instructable will NOT show how to:

Pre-requisites

Raspberry Pi running Raspbian OS

Environment

The following is the data of my Raspberry Pi that runs the OpenLDAP server:
Distributor ID: Debian
Description: Debian GNU/Linux 7.8 (wheezy)
Release: 7.8
Codename: wheezy
Linux rpipro.example.com 3.18.9+ #767 PREEMPT Sat Mar 7 21:41:13 GMT 2015 armv6l GNU/Linux

Reference

https://help.ubuntu.com/12.04/serverguide/openlda...

Step 1: Install and Configure OpenLDAP

Open a terminal emulator on the Raspberry Pi

Configure the domain name of the Raspberry Pi:

echo "rpipro.example.com" | sudo tee /etc/hostname

#Replace rpipro.example.com with anything that you want

Reboot the Raspberry Pi, then install OpenLDAP:

sudo apt-get update
sudo apt-get install slapd ldap-utils

Enter the admin password of the user database "example.com" when prompted

Test that database "example.com" is created:

ldapsearch -x -LLL -H ldap:/// -b dc=example,dc=com dn 

OpenLDAP will reply with the following to indicate that the database has been created:

dn: dc=example,dc=com

dn: cn=admin,dc=example,dc=com

Step 2: Add Account Data and Password to LDAP Database

Download add_content.ldif

Read add_content.ldif. This file creates a user with uid=john and password=johnldap. The test data will be loaded into the database "example.com".

Add the content to database "example.com":

ldapadd -x -D cn=admin,dc=example,dc=com -W -f add_content.ldif 

OpenLDAP will display:

Enter LDAP Password: #Enter password entered in Step 1

adding new entry "ou=People,dc=example,dc=com"

adding new entry "ou=Groups,dc=example,dc=com"

adding new entry "cn=miners,ou=Groups,dc=example,dc=com"

adding new entry "uid=john,ou=People,dc=example,dc=com"
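The contents of add_content.ldif are not reproduced on this page. As an added example (not the author's file), the following Python builds an LDIF with the same four entries shown in the ldapadd output and stores john's password as a salted {SSHA} value, the format slappasswd produces by default, so the clear-text password does not need to appear in the file. The object classes, uidNumber, homeDirectory, loginShell and the group's gidNumber are assumptions; the DNs, cn and john's gidNumber come from the output on this page.

```python
import base64
import hashlib
import hmac
import os

BASE_DN = "dc=example,dc=com"  # suffix used throughout the tutorial


def ssha(password, salt=None):
    """Return a {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def check_ssha(password, stored):
    """Verify a password using the salt embedded in a stored {SSHA} value."""
    if not stored.startswith("{SSHA}"):
        return False
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]  # SHA-1 digest is 20 bytes; the rest is salt
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


def build_ldif(password):
    """Build LDIF for the four entries listed in the ldapadd output."""
    entries = [
        [("dn", "ou=People," + BASE_DN), ("objectClass", "organizationalUnit"),
         ("ou", "People")],
        [("dn", "ou=Groups," + BASE_DN), ("objectClass", "organizationalUnit"),
         ("ou", "Groups")],
        # The group's gidNumber is assumed to match john's gidNumber (500)
        [("dn", "cn=miners,ou=Groups," + BASE_DN), ("objectClass", "posixGroup"),
         ("cn", "miners"), ("gidNumber", "500")],
        # uidNumber, homeDirectory and loginShell are assumed values
        [("dn", "uid=john,ou=People," + BASE_DN), ("objectClass", "inetOrgPerson"),
         ("objectClass", "posixAccount"), ("uid", "john"), ("sn", "Doe"),
         ("cn", "John Doe"), ("uidNumber", "10000"), ("gidNumber", "500"),
         ("homeDirectory", "/home/john"), ("loginShell", "/bin/bash"),
         ("userPassword", ssha(password))],
    ]
    return "\n\n".join("\n".join(k + ": " + v for k, v in e) for e in entries) + "\n"


if __name__ == "__main__":
    print(build_ldif("johnldap"), end="")
```

Redirect the output to a file and load it with the same ldapadd command shown above.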

Step 3: Test

Check that the data above is actually in the database "example.com":

ldapsearch -x -LLL -b dc=example,dc=com 'uid=john' cn gidNumber

OpenLDAP will display:

dn: uid=john,ou=People,dc=example,dc=com

cn: John Doe

gidNumber: 500