SUNScholar/Researcher Authorisation/Step 1


Step 1 - Local server LDAP configuration

Step 1.1 - Login

Log in to the server:

http://wiki.lib.sun.ac.za/index.php/SUNScholar/Prepare_Ubuntu/S01

Step 1.2 - Install software

To check that LDAP works, first install the following:

sudo apt-get install ldap-utils ldap-auth-config

Fill in all the details as requested during the installation.

Step 1.3 - Prepare ldap.conf

Go to the following folder:

cd /etc/ldap

Copy the original ldap.conf:

sudo cp ldap.conf ldap.conf-orig

Delete the original:

sudo rm ldap.conf

Create a link to the master ldap.conf:

sudo ln -s ../ldap.conf

Example listing of the LDAP files:

root@ir1:/etc/ldap# ls -l
total 8
lrwxrwxrwx 1 root root  12 2010-09-17 20:13 ldap.conf -> ../ldap.conf
-rw-r--r-- 1 root root 245 2011-12-19 18:19 ldap.conf.dpkg-new
-rw-r--r-- 1 root root 245 2010-09-17 20:12 ldap.conf-orig

Step 1.4 - Modify ldap.conf

Type the following:

sudo nano /etc/ldap.conf

See the example ldap.conf file below for recommended settings.

###DEBCONF###
##
## Configuration of this file will be managed by debconf as long as the
## first line of the file says '###DEBCONF###'
##
## You should use dpkg-reconfigure to configure this file via debconf
##

#
# @(#)$Id: ldap.conf,v 1.38 2006/05/15 08:13:31 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
# PADL Software
# http://www.padl.com
#

# Your LDAP server. Must be resolvable without using LDAP.
# Multiple hosts may be specified, each separated by a 
# space. How long nss_ldap takes to failover depends on
# whether your LDAP client library supports configurable
# network or connect timeouts (see bind_timelimit).
host stbldap04.sun.ac.za stbldap03.sun.ac.za stbldap02.sun.ac.za stbldap01.sun.ac.za

# The distinguished name of the search base.
base ou=USERS,o=SU

# Another way to specify your LDAP server is to provide an
# uri with the server name. This allows to use
# Unix Domain Sockets to connect to a local LDAP Server.
#uri ldap://127.0.0.1/
#uri ldaps://127.0.0.1/   
#uri ldapi://%2fvar%2frun%2fldapi_sock/
# Note: %2f encodes the '/' used as directory separator

# The LDAP version to use (defaults to 3
# if supported by client library)
ldap_version 3

# The distinguished name to bind to the server with.
# Optional: default is to bind anonymously.
#binddn cn=proxyuser,dc=padl,dc=com

# The credentials to bind with. 
# Optional: default is no credential.
#bindpw secret

# The distinguished name to bind to the server with
# if the effective user ID is root. Password is
# stored in /etc/ldap.secret (mode 600)
#rootbinddn cn=manager,dc=padl,dc=com

# The port.
# Optional: default is 389.
#port 636

Step 1.5 - Test LDAP lookup

Now run a search on the LDAP server:

sudo ldapsearch -x cn=hgibson

Use whatever filters and attributes are needed for your campus LDAP server.

If the search is successful then you may continue to set up DSpace.
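
The single search in Step 1.5 does not show which of the servers on the host line answered. The following added example (not part of the original wiki page) reads the host, base and port directives from an ldap.conf and prints one explicit ldapsearch command per server. The sample hostnames, the function names and the rule that port 636 means ldaps:// are assumptions.

```shell
#!/bin/sh
# Added example: build one ldapsearch probe per server named in a
# PADL-style ldap.conf, so every failover host can be tested on its own.

# Constructed sample input using the host/base layout from Step 1.4.
# The hostnames below are placeholders, not real servers.
sample_conf() {
cat <<'EOF'
###DEBCONF###
# comment lines and blank lines are ignored
host ldap1.example.org ldap2.example.org

base ou=USERS,o=SU
ldap_version 3
#port 636
EOF
}

# Print the value of the first uncommented directive named $1 (conf on stdin).
conf_get() {
    awk -v key="$1" '
        /^[ \t]*#/ { next }              # skip comment lines
        tolower($1) == key {             # match directive names case-insensitively
            $1 = ""; sub(/^[ \t]+/, ""); print; exit
        }'
}

# Read a conf on stdin and print one ldapsearch command per host.
# $1 = search filter. Assumption: port 636 selects ldaps://, otherwise ldap://.
probe_cmds() {
    filter=$1
    conf=$(cat)
    hosts=$(printf '%s\n' "$conf" | conf_get host)
    base=$(printf '%s\n' "$conf" | conf_get base)
    port=$(printf '%s\n' "$conf" | conf_get port)
    [ -n "$hosts" ] || { echo "no host directive found" >&2; return 1; }
    [ -n "$base" ]  || { echo "no base directive found" >&2; return 1; }
    scheme=ldap
    if [ "$port" = 636 ]; then scheme=ldaps; fi
    for h in $hosts; do
        printf "ldapsearch -x -H %s://%s%s -b '%s' '%s'\n" \
            "$scheme" "$h" "${port:+:$port}" "$base" "$filter"
    done
}

# Demo: print the probe commands for the sample file.
sample_conf | probe_cmds 'cn=hgibson'
```

To use it against the real file, run `probe_cmds 'cn=hgibson' < /etc/ldap.conf` and execute the printed commands one at a time; a host that fails on its own would otherwise be hidden by failover.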