Difference between revisions of "SUNScholar/Researcher Authorisation/Step 1"
| (12 intermediate revisions by the same user not shown) | |||
| Line 9: | Line 9: | ||
To check LDAP works, first install the following: | To check LDAP works, first install the following: | ||
sudo apt-get install ldap-utils ldap-auth-config | sudo apt-get install ldap-utils ldap-auth-config | ||
| − | Fill in all the details requested during installation | + | <font color="red">'''Fill in all the details as requested during the installation.'''</font> |
| − | ===Step 1.3 - Prepare ldap.conf== | + | |
| + | ===Step 1.3 - Prepare ldap.conf=== | ||
Go to the following folder: | Go to the following folder: | ||
| − | + | cd /etc/ldap | |
Copy the original ldap.conf: | Copy the original ldap.conf: | ||
sudo cp ldap.conf ldap.conf-orig | sudo cp ldap.conf ldap.conf-orig | ||
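Review bot: the reworded Step 1.2 instruction ("Fill in all the details as requested during the installation.") still does not say which values the ldap-auth-config prompts expect, so a reader has to guess the server URI and search base before they ever see the example file in the later step. List the expected answers here, or point forward to the example ldap.conf, and prefer wiki bold alone over the `<font color="red">` wrapper, which is presentational HTML.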
| Line 20: | Line 21: | ||
sudo ln -s ../ldap.conf | sudo ln -s ../ldap.conf | ||
| − | |||
Example listing of ldap files. | Example listing of ldap files. | ||
<pre> | <pre> | ||
| Line 29: | Line 29: | ||
-rw-r--r-- 1 root root 245 2010-09-17 20:12 ldap.conf-orig | -rw-r--r-- 1 root root 245 2010-09-17 20:12 ldap.conf-orig | ||
</pre> | </pre> | ||
| − | + | ||
| + | ===Step 1.4 - Modify ldap.conf=== | ||
| + | Type the following; | ||
| + | sudo nano /etc/ldap.conf | ||
| + | |||
| + | See the example ldap.conf file below for recommended settings. | ||
<pre> | <pre> | ||
###DEBCONF### | ###DEBCONF### | ||
| Line 54: | Line 59: | ||
# whether your LDAP client library supports configurable | # whether your LDAP client library supports configurable | ||
# network or connect timeouts (see bind_timelimit). | # network or connect timeouts (see bind_timelimit). | ||
| − | host | + | host stbldap04.sun.ac.za stbldap03.sun.ac.za stbldap02.sun.ac.za stbldap01.sun.ac.za |
# The distinguished name of the search base. | # The distinguished name of the search base. | ||
| Line 86: | Line 91: | ||
# The port. | # The port. | ||
# Optional: default is 389. | # Optional: default is 389. | ||
| − | port 636 | + | #port 636 |
</pre> | </pre> | ||
| − | === | + | |
| + | ===Step 1.5 - Test LDAP lookup=== | ||
Now run a search on the LDAP server: | Now run a search on the LDAP server: | ||
sudo ldapsearch -x cn=hgibson | sudo ldapsearch -x cn=hgibson | ||
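Review bot: commenting out `port 636` at the end of the example ldap.conf leaves the client on the default named in the comment directly above it (389), and none of the lines shown enable TLS in its place, so the `ldapsearch -x` simple bind in Step 1.5 would go to the plain LDAP port. If the campus servers accept LDAPS or StartTLS, show the setting that selects it (for instance an `ldaps://` uri line like the commented one elsewhere in the file); if dropping 636 is intentional, add a sentence saying why.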
| Line 94: | Line 100: | ||
If the search is successful then you may continue to setup DSpace. | If the search is successful then you may continue to setup DSpace. | ||
| + | [[Category:System Administration]] | ||
Latest revision as of 12:54, 29 July 2016
NEXT - STEP 2
Step 1 - Local server LDAP configuration
Step 1.1 - Login
Log in to the server:
http://wiki.lib.sun.ac.za/index.php/SUNScholar/Prepare_Ubuntu/S01
Step 1.2 - Install software
To check LDAP works, first install the following:
sudo apt-get install ldap-utils ldap-auth-config
Fill in all the details as requested during the installation.
Step 1.3 - Prepare ldap.conf
Go to the following folder:
cd /etc/ldap
Copy the original ldap.conf:
sudo cp ldap.conf ldap.conf-orig
Delete the original:
sudo rm ldap.conf
Create a link to the master ldap.conf:
sudo ln -s ../ldap.conf
Example listing of ldap files.
<pre>
root@ir1:/etc/ldap# ls -l
total 8
lrwxrwxrwx 1 root root  12 2010-09-17 20:13 ldap.conf -> ../ldap.conf
-rw-r--r-- 1 root root 245 2011-12-19 18:19 ldap.conf.dpkg-new
-rw-r--r-- 1 root root 245 2010-09-17 20:12 ldap.conf-orig
</pre>
Step 1.4 - Modify ldap.conf
Type the following:
sudo nano /etc/ldap.conf
See the example ldap.conf file below for recommended settings.
<pre>
###DEBCONF###
##
## Configuration of this file will be managed by debconf as long as the
## first line of the file says '###DEBCONF###'
##
## You should use dpkg-reconfigure to configure this file via debconf
##

#
# @(#)$Id: ldap.conf,v 1.38 2006/05/15 08:13:31 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
# PADL Software
# http://www.padl.com
#

# Your LDAP server. Must be resolvable without using LDAP.
# Multiple hosts may be specified, each separated by a
# space. How long nss_ldap takes to failover depends on
# whether your LDAP client library supports configurable
# network or connect timeouts (see bind_timelimit).
host stbldap04.sun.ac.za stbldap03.sun.ac.za stbldap02.sun.ac.za stbldap01.sun.ac.za

# The distinguished name of the search base.
base ou=USERS,o=SU

# Another way to specify your LDAP server is to provide an
# uri with the server name. This allows to use
# Unix Domain Sockets to connect to a local LDAP Server.
#uri ldap://127.0.0.1/
#uri ldaps://127.0.0.1/
#uri ldapi://%2fvar%2frun%2fldapi_sock/
# Note: %2f encodes the '/' used as directory separator

# The LDAP version to use (defaults to 3
# if supported by client library)
ldap_version 3

# The distinguished name to bind to the server with.
# Optional: default is to bind anonymously.
#binddn cn=proxyuser,dc=padl,dc=com

# The credentials to bind with.
# Optional: default is no credential.
#bindpw secret

# The distinguished name to bind to the server with
# if the effective user ID is root. Password is
# stored in /etc/ldap.secret (mode 600)
#rootbinddn cn=manager,dc=padl,dc=com

# The port.
# Optional: default is 389.
#port 636
</pre>
Step 1.5 - Test LDAP lookup
Now run a search on the LDAP server:
sudo ldapsearch -x cn=hgibson
Use whatever filters and attributes are needed for your campus LDAP server.
If the search is successful then you may continue to set up DSpace.
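
Before relying on the lookup, it helps to know which transport the finished ldap.conf actually requests. The script below is an added example, not part of the original wiki page: it classifies a PADL-style ldap.conf as `ldaps`, `starttls` or `cleartext` and flags an active `bindpw` that would cross the network unprotected. The function names, the `ssl` handling and the hardened sample (including the assumption that the campus servers accept `ldaps://`) are illustrative.

```shell
#!/bin/sh
# Added example (not from the wiki page): report the transport security that a
# PADL nss_ldap/pam_ldap-style ldap.conf requests.

ldap_transport() {   # $1 = ldap.conf path; prints ldaps | starttls | cleartext
    awk '
        /^[ \t]*#/ || NF == 0 { next }           # skip comments and blank lines
        { key = tolower($1) }
        key == "ssl" { ssl = tolower($2) }       # "ssl on" or "ssl start_tls"
        key == "uri" {
            for (i = 2; i <= NF; i++) {
                if (tolower($i) ~ /^ldaps:\/\//) tls_uri++
                else other_uri++
            }
        }
        END {
            if (ssl == "start_tls") print "starttls"
            else if (ssl == "on" || (tls_uri && !other_uri)) print "ldaps"
            else print "cleartext"
        }' "$1"
}

bindpw_exposed() {   # exit 0 if an active bindpw line would travel in cleartext
    grep -Eq '^[[:space:]]*bindpw[[:space:]]+[^[:space:]]' "$1" &&
        [ "$(ldap_transport "$1")" = "cleartext" ]
}

# Constructed samples: the active directives of the page's example file, then a
# hardened variant (the ldaps:// uri lines are an assumption, not site settings).
page_conf=$(mktemp); hardened_conf=$(mktemp)
cat > "$page_conf" <<'EOF'
host stbldap04.sun.ac.za stbldap03.sun.ac.za
base ou=USERS,o=SU
ldap_version 3
#port 636
EOF
cat > "$hardened_conf" <<'EOF'
uri ldaps://stbldap04.sun.ac.za/ ldaps://stbldap03.sun.ac.za/
base ou=USERS,o=SU
ldap_version 3
EOF

echo "page example: $(ldap_transport "$page_conf")"
echo "hardened:     $(ldap_transport "$hardened_conf")"
```

Run it against `/etc/ldap.conf` after Step 1.4 by calling `ldap_transport /etc/ldap.conf`; a `cleartext` result means the directory traffic, including any bind credentials, is not protected in transit.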