Monday, 21 June 2010

HOWTO: phpLDAPadmin on 10.04 Lucid Lynx

PLATFORM:
* Ubuntu Server 10.04 LTS (Lucid)

PREREQUISITES:
* A vanilla Ubuntu 10.04 server install.
* You have successfully installed a working LDAP server

Network overview;
* domain name: example.com
* ldap-server 10.1.1.5

Currently, the version of phpLDAPadmin that is in the Lucid repositories is a relatively old version (v1.1.07) which is not compatible with the version of PHP that actually ships with Lucid (v5.3.2).

Doh!

What we need to do is use the current version (v1.2.0.5) from Launchpad

wget https://launchpad.net/~ubuntu-security-proposed/+archive/ppa/+build/1744905/+files/phpldapadmin_1.2.0.5-1ubuntu1.10.04.1_all.deb

Install dependancies

sudo apt-get install apache2 apache2-mpm-prefork apache2-utils apache2.2-bin apache2.2-common libapache2-mod-php5 libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap php5-common php5-ldap ssl-cert

Install the package

sudo dpkg -i phpldapadmin_1.2.0.5-1ubuntu1.10.04.1_all.deb

Make a softlink to the downloaded version of php

sudo ln -s /usr/share/phpldapadmin /var/www/phpldapadmin

Pointing phpldapadmin to your domain;

Edit config.php

sudo vi /etc/phpldapadmin/config.php

Find these lines;

$servers->setValue('server','base',array('dc=example,dc=com'));

$servers->setValue('login','bind_id','cn=admin,dc=example,dc=com');


Change the lines to suit your own network. In my case this would be like this;

$servers->setValue('login','bind_id','cn=admin,dc=tuxnetworks,dc=com');

Restart apache

sudo /etc/init.d/apache2 restart

Test it by browsing to your ldap server at;

http://10.1.1.5/phpldapadmin/

and login using;

USER: cn=admin,dc=example,dc=com
PASS: your_password

Once you have logged in, expand the tree & you should see something like this;

+--> dc=example,dc=com (3)
---> cn=admin
+--> ou=groups (1)
+--> ou=people (1)
---> Create new entry here


And that's it, you're done!

14 comments:

Doug182 said...

hola a todos, tengo una pregunta...
ya tengo instalado phpldapadmin v12.0.5 pero cuando selecciono algun objeto del arbol que he creado, siempre me da el mensaje:
"seleccione una plantilla para poder editar la entrada"

que podria hacer al respecto espero me puedan ayudar a menos que esto haya cambiado de acuerdo a la version y tenga que hacer eso siempre.

de antemano muchas gracias!!!

Ben van Brakel said...

Thaks for you fantastic work, openldap is running now but in phpldapadmin I got the error "missing LDAP support.

php5-ldap is installed and apache2 is working with manager webapp and Host-manager webapp correctly.

I'm new in UBUNTU 10.04 in the '90 I was working with open Unix SCO but that is long aga, can you give me a hint.

Thans a lot so far, best regards.

Ben van Brakel, ANBENNA NL/UA

Tom Wright said...

Hi there,

Great post. I was stuck at this for ages on my laptop before trying it on the server, which actually runs 9.10 - d'oh!

Anyway, I have a question and I'm hoping it'll be the same for the 10.04 installation. Where am I supposed to put custom template files?

If you're on Serverfault, I can give you rep for an answer to this question.

Best,
Tom

Brett said...

Hi Tom, I don't really know anything about custom templates but a quick google search reveals this;

http://phpldapadmin.sourceforge.net/wiki/index.php/Templates

mrahk said...

Yes, now we're talking!
The initial setup by Webmin was completely broken.
So I decided to apt-get remove it and to try you tutorial instead.
In certain situations I still get a list of question marked warnings by phpldapadmin about amongst others things that have been removed, but the LDAP server seems to work anyway.

Many thanks! You deserve a medal, man.

Ben van Brakel said...

Thanks a lot all is working fine.
You did a great job.

Takashi said...

Hi! Thank's to you I could set up my ldap server! :)

But I have a question. How can I add new users to samba through phpLDAPadmin, without using smbldap-useradd command? I tried using Samba Account and Generic User Account but none of them works like the command used in the terminal. Do you have any idea? Thank you! :)

Takashi said...

Thanks to you I could run my first LDAP Server. Thank you very much! :)

But I need to know just a thing. How can I add a new user through phpLDAPadmin like the smbldap-useradd command? I tried using Samba Account and Generic User Account options but none of them worked like the command used in the terminal. Any idea? Thank you!

Brett said...

Sorry Takeshi

I can't really help you with that, there seems to be a problem with phpmyldapadmin the way this is configured and I ahven't the time to try and fix it.

Takashi said...

Thank's, Brett for answering my question! :)

I looked for a solution in Google and someone told about templates, but I really don't know how to work with it.

Well, at least my LDAP server is working... your tutorial was the only one that worked at first try. I couldn't believe that it was working. Thank you very much! :)

Takashi said...

Greetings from Brazil! :)

Anonymous said...

Yes and even in Germany your pages are read. After 4 different roads to LDAP it finally works following your description.

ali888 said...

Thanks Brett. It works really well for me at my first attempt. Very easy to follow.

However, I wonder if you could help me out here. What I intend to do (and I do not know whether or not I am on the wrong track here) is allow different users to be able to log in to the same machine. Now, I know the easier way of achieving that is to create/add a number of users to the server so that they can log in. The problem with this is when you want to log in, you'd get a long list of users in the drop-down box. Now, given that I have got the ldap server authentication working (thanks to your step by step tutorial), I went to test to see if I can let a multiple of users log in but it failed to work. Different users still get authentication issue. I wonder if there are any other way of achieving what I'd like it to do.

Thank you

Anonymous said...

the password doesnt work for brett account, i cannot do anything else