SUNScholar/Researcher Authorisation/Step 1


Step 1.1 - Login
Log in to the server: http://wiki.lib.sun.ac.za/index.php/SUNScholar/Prepare_Ubuntu/S01

Step 1.2 - Install software
To check that LDAP works, first install the following:

    sudo apt-get install ldap-utils ldap-auth-config

Fill in all the details as requested during the installation.

Step 1.3 - Prepare ldap.conf
Go to the following folder:

    cd /etc/ldap

Copy the original ldap.conf:

    sudo cp ldap.conf ldap.conf-orig

Delete the original:

    sudo rm ldap.conf

Create a link to the master ldap.conf:

    sudo ln -s ../ldap.conf

Example listing of ldap files:

    root@ir1:/etc/ldap# ls -l
    total 8
    lrwxrwxrwx 1 root root  12 2010-09-17 20:13 ldap.conf -> ../ldap.conf
    -rw-r--r-- 1 root root 245 2011-12-19 18:19 ldap.conf.dpkg-new
    -rw-r--r-- 1 root root 245 2010-09-17 20:12 ldap.conf-orig

Step 1.4 - Modify ldap.conf
Type the following:

    sudo nano /etc/ldap.conf

See the example ldap.conf file below for recommended settings.
    ###DEBCONF###
    # Configuration of this file will be managed by debconf as long as the
    # first line of the file says '###DEBCONF###'
    # You should use dpkg-reconfigure to configure this file via debconf

    # @(#)$Id: ldap.conf,v 1.38 2006/05/15 08:13:31 lukeh Exp $
    # This is the configuration file for the LDAP nameservice
    # switch library and the LDAP PAM module.
    # PADL Software
    # http://www.padl.com

    host stbldap04.sun.ac.za stbldap03.sun.ac.za stbldap02.sun.ac.za stbldap01.sun.ac.za
    # Your LDAP server. Must be resolvable without using LDAP.
    # Multiple hosts may be specified, each separated by a
    # space. How long nss_ldap takes to failover depends on
    # whether your LDAP client library supports configurable
    # network or connect timeouts (see bind_timelimit).

    base ou=USERS,o=SU
    # The distinguished name of the search base.

    # Another way to specify your LDAP server is to provide an
    # uri with the server name. This allows to use
    # Unix Domain Sockets to connect to a local LDAP Server.
    #uri ldap://127.0.0.1/
    #uri ldaps://127.0.0.1/
    #uri ldapi://%2fvar%2frun%2fldapi_sock/
    # Note: %2f encodes the '/' used as directory separator

    ldap_version 3
    # The LDAP version to use (defaults to 3
    # if supported by client library)

    # The distinguished name to bind to the server with.
    # Optional: default is to bind anonymously.
    #binddn cn=proxyuser,dc=padl,dc=com

    # The credentials to bind with.
    # Optional: default is no credential.
    #bindpw secret

    # The distinguished name to bind to the server with
    # if the effective user ID is root. Password is
    # stored in /etc/ldap.secret (mode 600)
    #rootbinddn cn=manager,dc=padl,dc=com

    # The port.
    # Optional: default is 389.
    #port 636

Step 1.5 - Test LDAP lookup
Now run a search on the LDAP server:

    sudo ldapsearch -x cn=hgibson

Use whatever filters and attributes are needed for your campus LDAP server.

If the search is successful then you may continue to set up DSpace.
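The following is an added example, not part of the original wiki page: a shell check that reads the finished ldap.conf from Steps 1.3 to 1.4 and reports whether its active (uncommented) directives select an encrypted transport and whether bind secrets are protected by file mode. The function names and the sample file are assumptions of this example, and the `ssl on` / `ssl start_tls` directives it recognises are PADL ldap.conf options that do not appear in the listing above.

```shell
#!/bin/sh
# Added example, not from the original page: audit the active (uncommented)
# directives of a PADL-style ldap.conf such as the one edited in Step 1.4.

# Print the value of the last active occurrence of directive $2 in file $1.
ldap_directive() {
    awk -v key="$2" '
        /^[ \t]*#/ || NF == 0 { next }    # skip comments and blank lines
        tolower($1) == key { $1 = ""; sub(/^[ \t]+/, ""); val = $0 }
        END { print val }' "$1"
}

# True if "others" can read file $1 (symlinks followed, as set up in Step 1.3).
world_readable() {
    [ "$(ls -lLd "$1" | cut -c8)" = "r" ]
}

# audit_ldap_conf CONF [SECRET]: one finding per line; returns 1 on any WARN.
audit_ldap_conf() {
    conf=$1; secret=${2:-/etc/ldap.secret}; rc=0
    [ -n "$(ldap_directive "$conf" base)" ] || { echo "WARN no search base"; rc=1; }
    [ -n "$(ldap_directive "$conf" host)$(ldap_directive "$conf" uri)" ] ||
        { echo "WARN no host or uri"; rc=1; }
    # Protected transport: ldaps:// or ldapi:// uri, or ssl on / ssl start_tls.
    case "$(ldap_directive "$conf" uri) ssl=$(ldap_directive "$conf" ssl)" in
        *ldaps://*|*ldapi://*|*ssl=on*|*ssl=start_tls*) echo "OK protected transport" ;;
        *) echo "WARN cleartext LDAP: lookups and binds are not encrypted"; rc=1 ;;
    esac
    if [ -n "$(ldap_directive "$conf" bindpw)" ] && world_readable "$conf"; then
        echo "WARN bindpw is set in a world-readable file"; rc=1
    fi
    if [ -n "$(ldap_directive "$conf" rootbinddn)" ]; then
        # The listing's comments put the root bind password in ldap.secret, mode 600.
        case "$(ls -lLd "$secret" 2>/dev/null | cut -c1-10)" in
            -rw-------) echo "OK $secret is mode 600" ;;
            *) echo "WARN $secret missing or not mode 600"; rc=1 ;;
        esac
    fi
    return $rc
}

# Constructed sample carrying the active lines of the Step 1.4 listing.
sample=$(mktemp)
printf '%s\n' '# Your LDAP server.' 'host stbldap04.sun.ac.za stbldap03.sun.ac.za' \
    'base ou=USERS,o=SU' 'ldap_version 3' '#port 636' > "$sample"
audit_ldap_conf "$sample" || echo "review the WARN lines above"
rm -f "$sample"
```

On the real server, run `audit_ldap_conf /etc/ldap.conf` before the Step 1.5 search; the optional second argument overrides the path of the root bind secret file.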