Documentation

OpenLDAP

Install OpenLDAP

# apt-get install -y slapd

You will be prompted to enter a LDAP administrative password.

Install HUBzero LDAP support

# apt-get install -y hubzero-openldap 

Some packages will ask you to configure them when you run this step. I am pretty sure you can just accept the defaults because we rewrite the configuration files during the next step anyway.

Configuring nslcd: LDAP server URI:

keep the default or enter "ldap://localhost/"

Configuring nslcd: LDAP server search base:

keep the default

Configuring libnss-ldapd

Select only "passwd", "group", "shadow"

Configure OpenLDAP Database

# hzldap init
# hzcms configure ldap --enable

To finish configuration you must manually (for now) trigger the initial synchronization of the CMS user/group tables with LDAP. Go to administrator section of your site (/administrator), go to Site->Maintenance->LDAP and press the Export Users and Export Groups buttons in order to export all CMS users/groups. On a fresh install this would be consist solely of the user 'admin'.

Manually create a home directory for the CMS admin user now, it will make it easier to test things later to have this already setup.

# mkdir -p /home/example/admin
# touch /home/example/admin/mytest
# chown -R admin.users /home/example/admin

Test

# getent passwd
You should see an entry for user 'admin' toward the end of the list if everything is working correctly.

Last modified: