You can get your preferred archives from http://www.openldap.org/software/download/. Currently, the latest stable release is 2.4.38.
First of all, the following packages must be installed in advance. Otherwise the
configure script fails.
You are also required to have the following package installed. Otherwise,
make test would fail at
$ ./configure --enable-crypt --enable-overlays
$ make depend
$ make
$ make test
$ sudo make install
The above steps took almost one hour in my environment, especially for
make test which took more than 40 minutes.
OpenLDAP has been installed under
/usr/local by now.
It is not cool that OpenLDAP is running as
root user, right?
Create the specific user and group
$ sudo groupadd -r ldap
$ sudo useradd -g ldap -r -s /bin/false ldap
Change owners (or permissions)
$ sudo chown -R ldap:ldap /usr/local/etc/openldap
$ sudo chown -R ldap:ldap /usr/local/var/openldap-data
$ sudo mkdir /usr/local/var/openldap-run
$ sudo chown -R ldap:ldap /usr/local/var/openldap-run
Edit the configuration file
$ sudo vi /usr/local/etc/openldap/slapd.conf
- Add your preferred schema files.
- Modify the paths to
- Modify the rootpw, and so on.
Below is a sample
slapd.conf, which I do not recommend you to copy as it is…
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/dyngroup.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/ppolicy.schema

pidfile /usr/local/var/openldap-run/slapd.pid
argsfile /usr/local/var/openldap-run/slapd.args

database bdb
suffix "dc=localdomain"
rootdn "cn=Manager,dc=localdomain"
rootpw secret
directory /usr/local/var/openldap-data
index objectClass eq
Do not forget to test the modified configuration file.
$ sudo /usr/local/sbin/slaptest -u
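The sample above keeps rootpw in cleartext, so here is an added example (not part of the original post) that flags a cleartext or unsalted rootpw and a world-readable slapd.conf, then swaps in a hashed value and tightens the file mode. The function names are hypothetical, the config is a constructed copy of the sample's database section, and the hash is a placeholder.

```shell
#!/bin/sh
# Added example, not from the original post: audit and tighten a slapd.conf.

# Print one finding per line; no output means nothing was flagged.
audit_slapd_conf() {
    # Directives are "keyword value"; commented-out lines never match $1.
    awk '$1 == "rootpw" {
        v = $2
        if (substr(v, 1, 1) != "{" || index(v, "{CLEARTEXT}") == 1)
            print "cleartext-rootpw"
        else if (index(v, "{MD5}") == 1 || index(v, "{SHA}") == 1)
            print "unsalted-rootpw-hash"
    }' "$1"
    # An "other" read bit lets any local account read rootpw from the file.
    find "$1" -perm -004 -exec echo "world-readable-conf" \;
}

# Replace the rootpw value with a hash and restrict the file to its owner.
# $2 would normally be the output of: /usr/local/sbin/slappasswd -h '{SSHA}'
set_rootpw_hash() {
    tmp="$1.new"
    ( umask 077
      awk -v h="$2" '$1 == "rootpw" { print "rootpw " h; next } { print }' \
          "$1" > "$tmp" ) &&
    mv "$tmp" "$1" && chmod 600 "$1"
}

# Constructed sample input: the database section of the sample config above.
make_sample_conf() {
    cat > "$1" <<'EOF'
database bdb
suffix "dc=localdomain"
rootdn "cn=Manager,dc=localdomain"
rootpw secret
EOF
    chmod 644 "$1"
}

demo_dir=$(mktemp -d)
make_sample_conf "$demo_dir/slapd.conf"
echo "before:"; audit_slapd_conf "$demo_dir/slapd.conf"
# Constructed placeholder, not a real hash.
set_rootpw_hash "$demo_dir/slapd.conf" '{SSHA}CONSTRUCTED-PLACEHOLDER'
echo "after:"; audit_slapd_conf "$demo_dir/slapd.conf"
rm -rf "$demo_dir"
```

When set_rootpw_hash is run through sudo against the real file, the rewritten file belongs to root, so repeat the chown to ldap:ldap afterwards and run slaptest -u again.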
Configure the database
$ cd /usr/local/var/openldap-data
$ sudo cp -p DB_CONFIG.example DB_CONFIG
To be honest, I am not familiar with this part at all…
Start and Stop
You can start up the daemon
slapd as follows.
$ sudo /usr/local/libexec/slapd -u ldap -g ldap
And you can stop it by sending an
INT signal to it.
$ sudo kill -INT `cat /usr/local/var/openldap-run/slapd.pid`