
MongoDB Notes


Setting Up a Virtual Machine with LDAP Using Vagrant


 

In this procedure, you will create and configure a virtual machine with OpenLDAP using Vagrant.

 

Prerequisites

 

This procedure assumes:

 

VirtualBox is installed

Vagrant is installed

 

Procedure (Host: Windows 10, Guest: Ubuntu)

 

1. Create a directory for the Vagrant configuration. Call it \vmldap.

2. Open a Command Prompt window.

3. Change directories to \vmldap.

4. Execute these Vagrant commands:

vagrant init bento/ubuntu-16.04
vagrant up

5. Edit the file Vagrantfile so it looks like the "Example Vagrantfile for Ubuntu". Set the appropriate values for the network IP address and host name.

6. Create a provisioning file like the "Example LDAP Provisioning File". Name the file provision-ldap.

7. Using Vagrant, provision the virtual machine using this command:

vagrant provision

8. Log into the virtual machine using this command:

vagrant ssh

9. Install OpenLDAP with this command:

sudo apt-get install slapd ldap-utils

10. The installer will prompt you for a password. Enter the password and press return.

11. Edit the file /etc/ldap/ldap.conf to specify the base and URI of the LDAP server. (See Example ldap.conf File below.)

12. Execute this command to reconfigure the LDAP package:

sudo dpkg-reconfigure slapd

13. The program will ask some questions. Answer with these values:

Omit OpenLDAP server configuration?
No

DNS domain name
waysysweb.us.com (or the one you have selected)

Organization name
WaysysLLC

Administrative password
(Use the password entered in Step 10.)

Database backend to use
HDB

Do you want the database to be removed when slapd is purged?
Yes

Move old database?
Yes

Allow LDAPv2 protocol?
No

14. To start the LDAP server, enter this command:

sudo invoke-rc.d slapd start

15. Initialize the directory by adding the top level domain and two sub-trees: Users and System. Users will hold entries for human users. System will hold server authentication information. The command below will prompt for the administrative password. An example of file initial.ldif is shown below.

ldapadd -x -W -D 'cn=admin,dc=waysysweb,dc=us,dc=com' -f initial.ldif

16. Add users to the directory using an LDIF file and this command:

ldapadd -x -W -D 'cn=admin,dc=waysysweb,dc=us,dc=com' -f users.ldif
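The ldapadd command above loads a file named initial.ldif, but the notes do not include that file. The script below is an added example, not part of the original notes: it derives the base DN from the DNS domain given to dpkg-reconfigure (dc=waysysweb,dc=us,dc=com from waysysweb.us.com) and writes an initial.ldif containing the suffix entry plus the ou=Users and ou=System sub-trees the procedure describes. The domain, the organization name WaysysLLC and the objectClass choices are assumptions taken from the rest of the page.

```shell
#!/usr/bin/env bash
# Added example (not from the original notes): build the base DN from the DNS
# domain and generate initial.ldif for ldapadd. Assumed values: domain
# waysysweb.us.com, organization WaysysLLC (both as used elsewhere on the page).

# Turn "waysysweb.us.com" into "dc=waysysweb,dc=us,dc=com".
domain_to_basedn() {
    local domain="$1" dn="" label
    local IFS='.'                       # split the domain on dots
    for label in $domain; do
        [ -n "$label" ] || continue     # skip empty labels (e.g. a trailing dot)
        dn="${dn:+$dn,}dc=$label"       # append one dc= component per label
    done
    printf '%s' "$dn"
}

# Emit the LDIF for the suffix entry and the two organizational units.
# The first label of the domain is the dc attribute of the suffix entry.
initial_ldif() {
    local domain="$1" org="$2"
    local base first
    base="$(domain_to_basedn "$domain")"
    first="${domain%%.*}"
    cat <<EOF
# Suffix entry. The Debian slapd package normally creates this entry during
# dpkg-reconfigure; if ldapadd answers "Already exists", delete this entry
# from the file and load only the two organizational units.
dn: $base
objectClass: top
objectClass: dcObject
objectClass: organization
dc: $first
o: $org

# Sub-tree for human users
dn: ou=Users,$base
objectClass: top
objectClass: organizationalUnit
ou: Users

# Sub-tree for server authentication accounts
dn: ou=System,$base
objectClass: top
objectClass: organizationalUnit
ou: System
EOF
}

# Count the entries (dn: lines) in an LDIF string; a quick sanity check
# before handing the file to ldapadd.
ldif_entry_count() {
    printf '%s\n' "$1" | grep -c '^dn: '
}

# Usage: bash make-initial-ldif.sh waysysweb.us.com WaysysLLC > initial.ldif
if [ $# -ge 2 ]; then
    initial_ldif "$1" "$2"
fi
```

Run it on the host or in the VM and redirect the output to initial.ldif; the ldapadd command from the procedure then loads the file unchanged. Because the organizational units are separate entries, a failure on the suffix entry does not stop ldapadd from reporting exactly which entry it rejected.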

 

Example Vagrantfile for Ubuntu

 

This file creates and manages a virtual machine running Ubuntu 16.04 LTS.

 

# -*- mode: ruby -*-

Vagrant.configure("2") do |config|

  # Ubuntu Version 16 LTS
  config.vm.box = "bento/ubuntu-16.04"

  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  config.vm.network "private_network", ip: "192.168.33.10"
  config.vm.hostname = "ldap.waysysweb.us.com"
  config.vm.synced_folder "shared/", "/home/vagrant/shared", create: true

  config.vm.provider "virtualbox" do |vb|
    # Display the VirtualBox GUI when booting the machine
    vb.gui = false
    # Customize the amount of memory on the VM:
    vb.memory = "1024"
  end

  config.vm.provision "shell", path: "provision-ldap"

end

 

Example LDAP Provisioning File

 

Below is an example of provision-ldap.  This file provides minimal functionality.  You can add additional commands as needed.

 

#!/usr/bin/env bash

sudo apt-get update -y
echo "Virtual machine provisioned"

 

Example ldap.conf File

Below is an example of the LDAP client configuration file.

 

#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

BASE    dc=waysysweb,dc=us,dc=com
URI     ldap://ldap.waysysweb.us.com

#SIZELIMIT      12
#TIMELIMIT      15
#DEREF          never

# TLS certificates (needed for GnuTLS)
TLS_CACERT      /etc/ssl/certs/ca-certificates.crt

 

Example LDIF File to Load Users

Below is an example of an LDIF file to load users into the directory.  The value of the uid attribute

 

# Users
# Sam Adams
#
dn: uid=sadams,ou=Users,dc=waysysweb,dc=us,dc=com
uid: sadams
userPassword: secret
ou: Users
cn: Sam Adams
sn: Adams
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
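The entry above carries userPassword in cleartext, and slapd stores a cleartext value exactly as it was added. The functions below are an added example, not part of the original notes: they produce an OpenLDAP {SSHA} value (base64 of SHA-1(password || salt) followed by the salt, the same format slappasswd on the VM emits), verify a password against such a value, and print the Sam Adams entry with the hashed password in place of "secret". They need only sha1sum, base64 and od from GNU coreutils plus bash; the function names and the 8-character salt length are my choices.

```shell
#!/usr/bin/env bash
# Added example (not from the original notes): {SSHA} password hashing for
# userPassword values in an LDIF file. Format: "{SSHA}" + base64(SHA1(pw||salt)
# || salt). Requires bash (printf \x escapes), sha1sum, base64 and od.

# Write raw bytes for a hex string to stdout.
hex_to_bin() {
    printf "$(printf '%s' "$1" | sed 's/../\\x&/g')"
}

# ssha_hash PASSWORD [SALT] -> "{SSHA}...". The salt defaults to 8 random
# printable characters; any bytes are acceptable to slapd.
ssha_hash() {
    local pw="$1" salt="${2:-}" digest b64
    if [ -z "$salt" ]; then
        salt="$(LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 8)"
    fi
    digest="$(printf '%s%s' "$pw" "$salt" | sha1sum | cut -d' ' -f1)"
    b64="$( { hex_to_bin "$digest"; printf '%s' "$salt"; } | base64 | tr -d '\n')"
    printf '{SSHA}%s' "$b64"
}

# ssha_verify PASSWORD "{SSHA}..." -> exit 0 when the password matches.
# The stored value is decoded to hex so a binary salt survives shell handling.
ssha_verify() {
    local pw="$1" stored="$2" hex hash_hex salt_hex digest
    case "$stored" in
        '{SSHA}'*) ;;
        *) return 2 ;;                   # not an {SSHA} value
    esac
    hex="$(printf '%s' "$stored" | cut -c7- | base64 -d | od -An -v -tx1 | tr -d ' \n')"
    [ "${#hex}" -gt 40 ] || return 2     # 20-byte digest plus at least one salt byte
    hash_hex="$(printf '%s' "$hex" | cut -c1-40)"
    salt_hex="$(printf '%s' "$hex" | cut -c41-)"
    digest="$( { printf '%s' "$pw"; hex_to_bin "$salt_hex"; } | sha1sum | cut -d' ' -f1)"
    [ "$digest" = "$hash_hex" ]
}

# user_entry UID "CN" SN PASSWORD BASEDN -> an inetOrgPerson entry in the
# layout used by the notes, with the password hashed.
user_entry() {
    local uid="$1" cn="$2" sn="$3" pw="$4" base="$5"
    cat <<EOF
dn: uid=$uid,ou=Users,$base
uid: $uid
userPassword: $(ssha_hash "$pw")
ou: Users
cn: $cn
sn: $sn
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
EOF
}

# Usage: bash ssha-user.sh sadams "Sam Adams" Adams secret dc=waysysweb,dc=us,dc=com >> users.ldif
if [ $# -ge 5 ]; then
    user_entry "$1" "$2" "$3" "$4" "$5"
fi
```

Pasting the generated entry into users.ldif keeps the same ldapadd command from the procedure; only the userPassword value changes. SHA-1 with a short salt is what OpenLDAP's default scheme offers, so treat it as better than cleartext rather than as a strong password hash, and prefer the server-side password-modify operation (ldappasswd) once the directory is up.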

 

Issues

 

You cannot install OpenLDAP using the provisioning file, since the installation prompts for a password.

In the ldap.conf file, the BINDDN directive is omitted for security reasons.
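The installer's password prompt can be answered in advance with debconf preseeding, which is what lets a provisioning script install slapd without a terminal. The script below is an added example, not part of the original notes: it writes the slapd package's debconf answers (the same answers the procedure gives to dpkg-reconfigure) with debconf-set-selections and then installs the package non-interactively. The admin password comes from the environment variable LDAP_ADMIN_PW (my name), so it is never written into the script; the function names are my choices, and passing the variable through from Vagrant uses the shell provisioner's env option, which this page does not show.

```shell
#!/usr/bin/env bash
# Added example (not from the original notes): preseed the slapd debconf
# questions so apt-get can install OpenLDAP from the Vagrant provisioning
# script. The debconf keys are those defined by the slapd package; the values
# mirror the answers given in the procedure. The provisioner already runs as
# root, so no sudo is needed. Assumed: LDAP_ADMIN_PW is set in the environment.

# Print the debconf selections in the format debconf-set-selections reads.
slapd_preseed() {
    local domain="$1" org="$2" pw="$3"
    cat <<EOF
slapd slapd/no_configuration boolean false
slapd slapd/domain string $domain
slapd shared/organization string $org
slapd slapd/password1 password $pw
slapd slapd/password2 password $pw
slapd slapd/backend select HDB
slapd slapd/purge_database boolean true
slapd slapd/move_old_database boolean true
slapd slapd/allow_ldap_v2 boolean false
EOF
}

# Refuse to proceed without a password: debconf would accept an empty one and
# the directory would come up with an empty admin password.
require_admin_pw() {
    [ -n "${LDAP_ADMIN_PW:-}" ] || { echo "LDAP_ADMIN_PW is not set" >&2; return 1; }
}

# Install slapd and ldap-utils without prompts. Not run unless the script is
# invoked with --install, so the functions above can be sourced and tested
# on any machine.
install_slapd_noninteractive() {
    local domain="$1" org="$2"
    require_admin_pw || return 1
    slapd_preseed "$domain" "$org" "$LDAP_ADMIN_PW" | debconf-set-selections
    DEBIAN_FRONTEND=noninteractive apt-get install -y slapd ldap-utils
    # If slapd was already installed, the preseeded answers are applied with:
    #   dpkg-reconfigure -f noninteractive slapd
}

# Usage (inside provision-ldap): bash preseed-slapd.sh --install waysysweb.us.com WaysysLLC
if [ "${1:-}" = "--install" ]; then
    install_slapd_noninteractive "${2:-waysysweb.us.com}" "${3:-WaysysLLC}"
fi
```

To hand the password to the provisioner, set it on the host and pass it through in the Vagrantfile with the shell provisioner's env option, for example `config.vm.provision "shell", path: "provision-ldap", env: {"LDAP_ADMIN_PW" => ENV["LDAP_ADMIN_PW"]}` (assumed usage, not from the page). debconf keeps the preseeded password in its own root-only database on the guest, which is the same place the interactive installer stores it.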

 
