Your browser does not allow storing cookies. We recommend enabling them.

PreviousNextUp[Front page] [Index]

Installing and Configuring OpenLDAP

To install OpenLDAP on Linux, run the following command with root privileges:

# rpm -i certifier-openldap-2.1.8.i386.rpm

On Linux, the files will be installed in /usr/local/certifier-openldap.

To install OpenLDAP on Solaris, run the following command with root privileges:

# pkgadd -d certifier-openldap-2.1.8.pkg

To install OpenLDAP on HP-UX, run the following commands with root privileges:

# uncompress certifier-openldap-2.1.8.depot.Z 
# swinstall -s `pwd`/certifier-openldap-2.1.8.depot certifier-openldap

On Solaris and HP-UX, the files will be installed in /opt/certifier-openldap.

Next run the setup script:

# /usr/local/certifier-openldap/bin/ssh-ca-ldap-setup

This script will do the following:

  • Prompt the user for the name and optionally other details of the organization hierarchy to be created.
  • Prompt the user for directory administration user name and password.
  • Modify the OpenLDAP configuration files.
  • Insert an initial organization object to the directory.
  • Optionally (upon explicit confirmation) insert an entry to the syslog daemon configuration file and signal the daemon about the new entry. This entry directs the OpenLDAP syslog messages to file var/log/openldap.log in the certifier-openldap directory.
  • Display suggestions about the Certifier publishing configuration.

OpenLDAP is set to start automatically after the system is rebooted.

If you want to modify the OpenLDAP configuration later, please consult the OpenLDAP documentation. The configuration file is located at: certifier-openldap/etc/openldap/slapd.conf. The initial organization entry was created with the LDIF file certifier-openldap/var/organization.ldif. New organization objects can be added by editing this file and running the following command:

$$ ./bin/ldapadd -h localhost -p 389 -D "name-of-your-admin-account" 
  -w "password-of-your-admin-account" -f ./var/organization.ldif

PreviousNextUp[Front page] [Index]




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now