ComTech: IT Support Stirling

How to set up an LDAP Server on Ubuntu 12.04 LTS

Today I will show you how to set up an LDAP server on Ubuntu 12.04 LTS.

First we need to install the required packages, so in a terminal type:

sudo apt-get install slapd ldap-utils

During installation you will be asked for an LDAP administrator password. You should choose one and then retype it.

The configuration example that follows uses an FQDN of comtech.com. You should change this to the FQDN of your organisation.

Now we need to add some additional schema files. In a terminal enter:

sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif

Now make a file called backend.comtech.com.ldif somewhere on your system and add the following configuration to it.

# Load dynamic backend modules
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb.la

# Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcSuffix: dc=comtech,dc=com
olcDbDirectory: /var/lib/ldap
olcRootDN: cn=admin,dc=comtech,dc=com
olcRootPW: secret
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcAccess: to attrs=userPassword by dn="cn=admin,dc=comtech,dc=com" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=admin,dc=comtech,dc=com" write by * read

We now need to add the LDIF to the directory, so in a terminal type:

sudo ldapadd -Y EXTERNAL -H ldapi:/// -f backend.comtech.com.ldif

Now create a file called frontend.comtech.com.ldif somewhere on your system and add the following configuration to it.

# Create top-level object in domain
dn: dc=comtech,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: Comtech
dc: comtech
description: Comtech LDAP Configuration

# Admin user.
dn: cn=admin,dc=comtech,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword: (ADD YOUR OWN PASSWORD HERE)

dn: ou=people,dc=comtech,dc=com
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=comtech,dc=com
objectClass: organizationalUnit
ou: groups

dn: uid=bob,ou=people,dc=comtech,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: Bob
sn: Wates
givenName: Bob
cn: Bob Wates
displayName: Bob Wates
uidNumber: 1000
gidNumber: 10000
userPassword: password
gecos: Bob Wates
loginShell: /bin/bash
homeDirectory: /home/bob
shadowExpire: -1
shadowFlag: 0
shadowWarning: 7
shadowMin: 8
shadowMax: 999999
shadowLastChange: 10877
mail: bob.wates@comtech.com
postalCode: CF24
l: Cardiff
o: Comtech
mobile: +44 (0)7 xx xx xx xx
homePhone: +44 (0)1 xx xx xx xx x
title: System Administrator
postalAddress:
initials: BW

dn: cn=comtech,ou=groups,dc=comtech,dc=com
objectClass: posixGroup
cn: comtech
gidNumber: 10000

Now we need to add the entries to the LDAP directory. In a terminal type:

sudo ldapadd -x -D cn=admin,dc=comtech,dc=com -W -f frontend.comtech.com.ldif

You will be asked for the LDAP administration password. This is the password in the admin section of the frontend.comtech.com.ldif file.

All that is left to do is to test the configuration, so in a terminal type:

ldapsearch -xLLL -b "dc=comtech,dc=com" uid=bob sn givenName cn

If your files are configured correctly, you should get the following output.

dn: uid=bob,ou=people,dc=comtech,dc=com
cn: Bob Wates
sn: Wates
givenName: Bob
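
Both LDIF files above store passwords as cleartext (olcRootPW: secret, userPassword: password), and quotes copied from a web page can arrive as typographic quotes that slapd does not treat as quote characters in olcAccess rules. The following Python check is an added example, not part of the original post: it flags both problems in an LDIF file before it is passed to ldapadd and builds a salted {SSHA} value (the scheme slappasswd produces by default) to use in place of the cleartext. The function names and the sample input are assumptions made for illustration.

```python
import base64, hashlib, os, re

PW_ATTRS = {"olcrootpw", "userpassword"}
SMART_QUOTES = "\u201c\u201d\u2018\u2019"
HASHED = re.compile(r"^\{(?!cleartext\})[\w-]+\}", re.I)   # e.g. {SSHA}...

# Constructed sample: a few lines abridged from the two LDIF files above.
SAMPLE = (
    "dn: olcDatabase=hdb,cn=config\n"
    "olcRootPW: secret\n"
    "olcAccess: to attrs=userPassword by dn=\u201dcn=admin,dc=comtech,dc=com\u201d\n"
    "  write by anonymous auth by self write by * none\n"
    "dn: uid=bob,ou=people,dc=comtech,dc=com\n"
    "userPassword: password\n"
)

def ssha(password, salt=None):
    """Build an OpenLDAP {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def unfold(text):  # LDIF: a line starting with a space continues the previous one
    lines = []
    for n, raw in enumerate(text.splitlines(), 1):
        if raw.startswith(" ") and lines:
            lines[-1][1] += raw[1:]
        else:
            lines.append([n, raw])
    return lines

def lint_ldif(text):
    """Return (line_no, attribute, problem) for each finding."""
    findings = []
    for n, line in unfold(text):
        attr, sep, rest = line.partition(":")
        if not sep or line.startswith("#"):
            continue
        value = rest.strip()
        if rest.startswith(":"):            # "attr:: ..." carries a base64 value
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        if any(q in value for q in SMART_QUOTES):
            findings.append((n, attr, "typographic quote"))
        if attr.lower() in PW_ATTRS and value and not HASHED.match(value):
            findings.append((n, attr, "password not hashed"))
    return findings

if __name__ == "__main__":
    print(*lint_ldif(SAMPLE), sep="\n")
```

Running slappasswd on the server produces a value in the same format interactively; paste its output after olcRootPW: or userPassword: in place of the cleartext.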

About the Author


Hi, I’m Chris Wakefield, the owner of ComTech IT Support. I provide Windows, Mac and Linux based IT Support to small businesses in Stirling, Alloa and Falkirk.


Linux in Business


Is Linux viable in the business environment? Surely it is just a bunch of ‘geeks’ writing software with little support? We are going to take a look at the business offerings and settle some misconceptions.

Chances are at the moment you work in an environment where the majority (if not all) of your software requirements are met by Microsoft. What if I could tell you there is another way which would be more secure and cost your company less? Let’s take a look.

Business Linux is primarily the realm of three firms: RedHat, Novell and Canonical. All three offer solutions for business. The software is free (i.e. no licence fee) and you pay for the level of customer support you want through a subscription scheme.

So what sort of software is available?  We shall split this into two categories: server and desktop.

Server Systems

1. Linux File and Print Server

This can be set up on any Linux distribution using the samba service (this will be covered as a future topic) and allows Windows / Linux clients to access files and print to a networked printer. There is no licence fee for any of the software.

2. Active Directory

Linux has quite a few choices in this area.  Two of the best are OpenLDAP and NDS. OpenLDAP allows authentication to Linux clients only but NDS allows cross platform authentication (Windows, Linux, Solaris etc).

3. DHCP and DNS servers

You can set up your own DHCP and DNS servers for your organisation using the dhcp and named daemons (services) on any Linux distribution you want.

4. Firewall

The Smoothwall distribution makes a fantastic standalone firewall. So if you have an old computer just sitting around, install this distribution on it and you will have a fully functional and effective firewall between your network and the internet. I use Untangle Gateway for my office; it is a wonderful piece of kit.

5. Web Servers

By far and away the most popular Linux web server is Apache.  Most of the web servers running on the internet are actually running some version of Apache.  Again this can be set up on any distribution you want.

Desktop

There are literally thousands of packages available for Linux and all are available to the business user.  We shall take a look at the packages available for the most common tasks: email, web browser and office suite.

1. Evolution email suite

Evolution is a fast, stable and secure alternative to Microsoft Outlook.  It runs on all versions of Linux which use the Gnome desktop.  For KDE use Kontact.

2. Web browsers

Either use Firefox or Chrome. Chrome is the fastest browser on the planet whereas Firefox is probably the most stable. Both are good choices for the business environment.

3. Office Suite

Never buy Microsoft Office again. Instead use LibreOffice. LibreOffice has all the functionality of Microsoft Office without the price tag. It is compatible with Microsoft Office too, so if user A saves her document in Microsoft Office, user B will be able to open it in LibreOffice.

There you have it. This is just a guide to the possibilities Linux can offer the business user. Before you do decide to move over to Linux, check that your mission-critical software will run in this environment (use virtual software – covered as a future topic) and bear in mind that your end users might need some form of familiarisation with any new software you implement.

About the Author

Hi I am Chris the owner of ComTech. I provide IT Support, Laptop Repairs and Computer repairs to both personal and business clients in and around Stirling. For a list of what I can offer you why not visit my website www.comtech247.net where you will find my blog, testimonials, services and much more.  Start supporting a local business today so I can start supporting you.
