OpenLDAP with MySQL Backend - Ubuntu 18.04
## install openldap with a mysql backend
sudo apt update && sudo apt upgrade -y && sudo reboot
sudo apt install mysql-server unixodbc make gcc libmysqlclient-dev unixodbc-dev groff ldap-utils
## mysql login as root
sudo mysql -u root
CREATE DATABASE ldap;
## 'ldap'@'%' accepts connections from any host; it is only needed when slapd runs on a different machine than mysql
CREATE USER 'ldap'@'%' IDENTIFIED BY 'S3cureP4ssw0rd$';
GRANT ALL PRIVILEGES ON ldap.* TO 'ldap'@'%';
CREATE USER 'ldap'@'localhost' IDENTIFIED BY 'S3cureP4ssw0rd$';
GRANT ALL PRIVILEGES ON ldap.* TO 'ldap'@'localhost';
FLUSH PRIVILEGES;
EXIT
## create the tables in the ldap database
git clone https://gist.github.com/mahirrudin/bdde7e60fe2a4a3e7b17c5ee28bf02c0 init-ldap.sql
sudo mysql -u root ldap < init-ldap.sql
## install mysql odbc connector
wget https://dev.mysql.com/get/Downloads/Connector-ODBC/8.0/mysql-connector-odbc-8.0.11-linux-ubuntu18.04-x86-64bit.tar.gz
tar -xvzf mysql-connector-odbc-8.0.11-linux-ubuntu18.04-x86-64bit.tar.gz
cd mysql-connector-odbc-*/
sudo cp lib/libmyodbc8* /usr/lib/x86_64-linux-gnu/odbc/
## create file /etc/odbcinst.ini
[MySQL Unicode]
Description = MySQL ODBC 8.0 Unicode Driver
Driver = /usr/lib/x86_64-linux-gnu/odbc/libmyodbc8w.so
Setup = /usr/lib/x86_64-linux-gnu/odbc/libmyodbc8S.so
FileUsage = 1
[MySQL ANSI]
Description = MySQL ODBC 8.0 ANSI Driver
Driver = /usr/lib/x86_64-linux-gnu/odbc/libmyodbc8a.so
Setup = /usr/lib/x86_64-linux-gnu/odbc/libmyodbc8S.so
FileUsage = 1
## edit /etc/odbc.ini
[ldap]
Description = MySQL Connector for LDAP
Driver = MySQL Unicode
Database = ldap
Server = 127.0.0.1
User = ldap
Password = S3cureP4ssw0rd$
Port = 3306
## check that the odbc connection to the ldap database works
sudo echo "show databases" | isql -v ldap
+---------------------------------------+
| Connected! |
| |
| sql-statement |
| help [tablename] |
| quit |
| |
+---------------------------------------+
SQL> show databases
+-----------------------------------------------------------------+
| Database |
+-----------------------------------------------------------------+
| information_schema |
| ldap |
+-----------------------------------------------------------------+
## download, compile, and install openldap from source
## more information http://www.linuxfromscratch.org/blfs/view/svn/server/openldap.html
wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.46.tgz
tar -xvzf openldap-2.4.46.tgz
sudo mv openldap-2.4.* /opt/openldap
cd /opt/openldap
sudo ./configure --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --localstatedir=/var --mandir=/usr/share/man --infodir=/usr/share/info --enable-sql --disable-bdb --disable-ndb --disable-hdb
sudo make depend
sudo make
sudo make install
## create password for openldap configuration
sudo /usr/sbin/slappasswd -h {SSHA}
## edit /etc/openldap/slapd.conf
################### Start of Configuration ############################
# OpenLDAP Configuration by mahirrudin
#######################################################################
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args
#######################################################################
# SQL database definitions
#######################################################################
database sql
suffix "dc=boekoe,dc=id"
rootdn "cn=administrator,dc=boekoe,dc=id"
# replace this value with the hash printed by slappasswd in the previous step
rootpw {SSHA}Th2pCgWlUzNg2gghclpU1IF4lWfPRIKV
# SQL configuration
dbname ldap
dbuser ldap
# must be the password of the mysql 'ldap' user created earlier
dbpasswd S3cureP4ssw0rd$
has_ldapinfo_dn_ru no
subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)"
################### End of Configuration ##############################
## running openldap
sudo /opt/openldap/servers/slapd/slapd -d 5 -h 'ldap:/// ldapi:///' -f /etc/openldap/slapd.conf &
## check that ldap is working (the base DN must match the suffix in slapd.conf)
ldapsearch -x -b "dc=boekoe,dc=id"
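
Added example (not part of the original gist): a preflight check that the DSN and credentials in /etc/odbc.ini agree with dbname/dbuser/dbpasswd in slapd.conf, that the search base falls under the configured suffix, and that neither file, both of which hold the database password in cleartext, is world-readable. The function names (ini_get, conf_get, other_can_read, preflight) are made up for this example; it relies on back-sql's dbname naming the ODBC data source.

```shell
#!/bin/sh
# Added example, not part of the gist. Usage: preflight ODBC_INI SLAPD_CONF BASE_DN
# Simplification: the base DN is compared to the suffix as a plain string.

# ini_get FILE SECTION KEY: print KEY's value from [SECTION] of an odbc.ini-style file
ini_get() {
    awk -v sec="[$2]" -v key="$3" '
        /^[ \t]*\[/ { gsub(/^[ \t]+|[ \t]+$/, ""); cur = $0; next }
        cur == sec && (eq = index($0, "=")) {
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) { print v; exit }
        }' "$1"
}

# conf_get FILE DIRECTIVE: print the argument of a slapd.conf directive, unquoted
conf_get() {
    awk -v d="$2" '$1 == d {
        sub(/^[ \t]*[^ \t]+[ \t]+/, ""); sub(/[ \t]+$/, "")
        gsub(/^"|"$/, ""); print; exit }' "$1"
}

# other_can_read FILE: true when the "other" read bit is set on FILE
other_can_read() { [ -n "$(find "$1" -perm -004 2>/dev/null)" ]; }

preflight() {
    odbc=$1 conf=$2 base=$3 rc=0
    dsn=$(conf_get "$conf" dbname)
    grep -Fxq "[$dsn]" "$odbc" || { echo "DSN [$dsn] not defined in $odbc"; rc=1; }
    [ "$(conf_get "$conf" dbuser)" = "$(ini_get "$odbc" "$dsn" User)" ] || { echo "dbuser differs from odbc.ini User"; rc=1; }
    [ "$(conf_get "$conf" dbpasswd)" = "$(ini_get "$odbc" "$dsn" Password)" ] || { echo "dbpasswd differs from odbc.ini Password"; rc=1; }
    suffix=$(conf_get "$conf" suffix)
    case "$base" in
        *"$suffix") ;;
        *) echo "base DN '$base' is outside suffix '$suffix'"; rc=1 ;;
    esac
    for f in "$odbc" "$conf"; do
        if other_can_read "$f"; then
            echo "$f holds a cleartext password and is world-readable"; rc=1
        fi
    done
    return $rc
}

if [ "$#" -eq 3 ]; then preflight "$@"; fi
```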
@samcookies

commented Nov 6, 2018

Can you please help me with below error message...

sudo echo "show databases" | isql -v openldap
[IM002][unixODBC][Driver Manager]Data source name not found, and no default driver specified
[ISQL]ERROR: Could not SQLConnect

@twloog

commented Nov 14, 2018

Edit /etc/odbc.ini: the password should be the password MySQL granted to the ldap user.

@twloog

commented Nov 14, 2018

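It would be even better if you also wrote up adding phpldapadmin. Also, where does the setting "cn=administrator,dc=boekoe,dc=id" come from, and why does the query then search ldapsearch -x -b "dc=life,dc=com" with this dc? I don't understand.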

@samcookies

commented Nov 21, 2018

Thanks... that's resolved now.

But now I'm not able to start openldap.. here is the error message I'm getting

5bf4bc5a backsql_db_open(): schema mapping failed, exiting
5bf4bc5a backend_startup_one (type=sql, suffix="dc=domain,dc=com"): bi_db_open failed! (1)
5bf4bc5a slapd shutdown: initiated
5bf4bc5a ==>backsql_db_close()
5bf4bc5a <==backsql_db_close()
5bf4bc5a slapd destroy: freeing system resources.
5bf4bc5a ==>backsql_close_db_handle(0x21ab440)
5bf4bc5a <==backsql_close_db_handle(0x21ab440)
5bf4bc5a ==>backsql_db_destroy()
5bf4bc5a ==>backsql_free_db_env()
5bf4bc5a <==backsql_free_db_env()
5bf4bc5a ==>destroy_schema_map()
5bf4bc5a <==destroy_schema_map()
5bf4bc5a <==backsql_db_destroy()
5bf4bc5a slapd stopped.

@logan2211

commented Mar 13, 2019

@Olivier-Metzinger

commented Apr 3, 2019

Hello, got the same error as @samcookies

Does someone have the solution?

@Olivier-Metzinger

commented Apr 3, 2019

OK, I fixed it. You need to clean the /etc/openldap/slapd.conf file and add the following text (same as the tutorial):

include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema

pidfile /var/run/slapd.pid
argsfile /var/run/slapd.args

database sql
suffix "dc=boekoe,dc=id"
rootdn "cn=administrator,dc=boekoe,dc=id"
rootpw {SSHA}Th2pCgWlUzNg2gghclpU1IF4lWfPRIKV

dbname ldap
dbuser ldap
dbpasswd S3cureP4ssw0rd$
has_ldapinfo_dn_ru no
subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)"

@mrugesha

commented Jun 6, 2019

Can you please help me with ldap client configuration,

I am able to fetch user details using command line on client machine but login is not happening.

Please help.
