wiki:campuswifiandeduroam2023Agenda/Lab

Version 8 (modified by tuwan, 5 months ago) ( diff )

--

Lab Setup

In this Hands-on we will install phpLDAPadmin in Linux.

Installing and Configuring the phpLDAPadmin Web Interface

The Ubuntu repositories contain a phpLDAPadmin package. You can install it with apt-get

sudo apt-get install phpldapadmin

This will install the application, enable the necessary Apache configurations, and reload Apache.

The web server is now configured to serve the application, but we need to make some additional changes. We need to configure phpLDAPadmin to use our domain, and to not autofill the LDAP login information.

Begin by opening the main configuration file with root privileges in your text editor:

sudo nano /etc/phpldapadmin/config.php

Look for the line that starts with servers->setValue('server','name'. In nano you can search for a string by typing CTRL-W, then the string, then ENTER. Your cursor will be placed on the correct line.

This line is a display name for your LDAP server, which the web interface uses for headers and messages about the server. Choose anything appropriate here:

/etc/phpldapadmin/config.php

$servers->setValue('server','name','Example LDAP');

Next, move down to the $servers->setValue('server','base' line. This config tells phpLDAPadmin what the root of the LDAP hierarchy is. This is based on the value we typed in when reconfiguring the slapd package. In our example we selected example.ac.lk and we need to translate this into LDAP syntax by putting each domain component (everything not a dot) into a dc= notation:

$servers->setValue('server','base', array('dc=example,dc=ac,dc=lk'));

Now find the login bind_id configuration line and comment it out with a # at the beginning of the line:

#$servers->setValue('login','bind_id','cn=admin,dc=example,dc=com');

This option pre-populates the admin login details in the web interface. This is information we shouldn’t share if our phpLDAPadmin page is publicly accessible.

The last thing that we need to adjust is a setting that controls the visibility of some phpLDAPadmin warning messages. By default the application will show quite a few warning messages about template files. These have no impact on our current use of the software. We can hide them by searching for the hide_template_warning parameter, uncommenting the line that contains it, and setting it to true:

$config->custom->appearance['hide_template_warning'] = true;

Having made the necessary configuration changes to phpLDAPadmin, we can now begin to use it. Navigate to the application in your web browser. Be sure to substitute your domain for the highlighted area below:

This is the last thing that we need to adjust. Save and close the file to finish. We don’t need to restart anything for the changes to take effect.

Next we’ll log into phpLDAPadmin.

Logging into the phpLDAPadmin Web Interface

https://example.ac.lk/phpldapadmin

The phpLDAPadmin landing page will load. Click on the login link in the left-hand menu on the page. A login form will be presented:

The Login DN is the username that you will be using. It contains the account name as a cn= section, and the domain name you selected for the server broken into dc= sections as described in previous steps. The default admin account that we set up during install is called admin, so for our example we would type in the following:

cn=admin,dc=learn,dc=ac,dc=lk

After entering the appropriate string for your domain, type in the admin password you created during configuration, then click the Authenticate button.

You will be taken to the main interface:

At this point, you are logged into the phpLDAPadmin interface. You have the ability to add users, organizational units, groups, and relationships.

Attachments (2)

Download all attachments as: .zip

Note: See TracWiki for help on using the wiki.