LDAP White Pages
Server Training - Server Management

The first project you may want to do with LDAP is to create a company white pages: a directory of the users in your company and the data related to them.  You will need to decide what information you want to retain for each user.


The schema to use is inetOrgPerson, which contains all of the attributes you will need.


Required Attributes
There are two required attributes for each user that you create, which are cn: and sn:.
cn:
sn:

Optional Attributes

These are the optional attributes you can use for the users in your White Pages.

audio
businessCategory
carLicense
departmentNumber
displayName
employeeNumber
employeeType
givenName
homePhone
homePostalAddress
initials
jpegPhoto
labeledURI
mail
manager
mobile
o
pager
photo
roomNumber
secretary
uid
userCertificate
x500uniqueIdentifier
preferredLanguage
userSMIMECertificate
userPKCS12


Make sure you have a working LDAP server for your network.  Here is an example slapd.conf; note the access permissions, which let everyone read the White Pages.

Edit /etc/openldap/slapd.conf

# This file should NOT be world readable.
#
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
 
# Allow anonymous clients to submit update operations (still subject to the ACLs below).  This is NOT the default.
allow update_anon
 
pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args
 
# ACLs
access to * by * read
 
#######################################################################
# ldbm and/or bdb database definitions
#######################################################################
 
database        bdb
suffix dc=linux,dc=local
rootdn cn=admin,dc=linux,dc=local
 
rootpw {crypt}612aTH4BrRhJk
 
directory       /var/lib/ldap
 
# Indices to maintain for this database
index objectClass                       eq,pres
index ou,cn,mail,surname,givenname      eq,pres,sub
index uidNumber,gidNumber,loginShell    eq,pres
index uid,memberUid                     eq,pres,sub
index nisMapName,nisMapEntry            eq,pres,sub
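
The ACL above, "access to * by * read", lets any client, including anonymous ones, read every attribute of every entry; that would include userPassword hashes if accounts are later stored in this directory. The fragment below is an added example (not part of the original lesson) of a tighter ACL set that keeps the White Pages publicly readable. Which attributes count as private is an assumption, and the rootpw value is a placeholder.

```conf
# Replaces these two lines from the lesson's slapd.conf:
#   allow update_anon
#   access to * by * read
# "allow update_anon" is simply dropped: a read-only white pages
# needs no anonymous update operations.

# slapd uses the first "access to" clause that matches, so the
# specific clauses must stay above the catch-all at the bottom.

# Password hashes: the owner may change them, anonymous clients may
# only use them to authenticate (bind), nobody may read them.
access to attrs=userPassword
        by self write
        by anonymous auth
        by * none

# Personal details from the sample entry: visible to authenticated
# users only. The choice of attributes is a policy assumption.
access to attrs=homePhone,homePostalAddress,carLicense
        by users read
        by * none

# Everything else stays world readable, which is the purpose of
# a white pages directory.
access to *
        by * read

# In the database section, replace the {crypt} rootpw with a salted
# hash produced by slappasswd. The value below is a placeholder,
# not a real hash.
rootpw          {SSHA}REPLACE_WITH_SLAPPASSWD_OUTPUT

# Check after restarting slapd: the anonymous search used later in
# this lesson,
#   ldapsearch -x -b "dc=linux,dc=local" 'uid=melvin'
# should still return the entry, but without homePhone,
# homePostalAddress and carLicense.
```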

 

The next thing you need to do is create an LDIF file with your users and the attributes you want for them.  Place a blank line between users if you put more than one user in a file.

# Example LDIF for White Pages
dn: cn=Melvin Jackson,ou=people,dc=linux,dc=local
objectClass: inetOrgPerson
cn: Melvin Jackson
sn: Jackson
businessCategory: Research and Development
carLicense:  MJ456 Z234
employeeNumber:  2387997
employeeType:  permanent
homePhone: 406-442-0234
homePostalAddress:  200 Montana Ave, Helena, MT.59601
initials: mj
labeledURI: http://linux_local.net
mail: mjackson@linux.local
mobile:  800-234-8977
pager: 345-567-6789
roomNumber:  123B
uid: melvin

 

Stop your LDAP server with:

service ldap stop

Add your ldif file with:

slapadd -l user.ldif

Then start your server with:

service ldap start

Test Your Entry From a Client

# ldapsearch -x -b "dc=linux,dc=local" 'uid=melvin'
# extended LDIF
#
# LDAPv3
# base <dc=linux,dc=local> with scope subtree
# filter: uid=melvin
# requesting: ALL
#
 
# Melvin Jackson, people, linux.local
dn: cn=Melvin Jackson,ou=people,dc=linux,dc=local
objectClass: inetOrgPerson
cn: Melvin Jackson
sn: Jackson
businessCategory: Research and Development
carLicense: MJ456 Z234
departmentNumber: 45G
employeeNumber: 2387997
employeeType: permanent
homePhone: 406-442-0234
homePostalAddress: 200 Montana Ave, Helena, MT.59601
initials: mj
labeledURI: http://linux_local.net
mail: mjackson@linux.local
mobile: 800-234-8977
pager: 345-567-6789
roomNumber: 123B
uid: melvin
 
# search result
search: 2
result: 0 Success
 
# numResponses: 2
# numEntries: 1

Copyright by CyberMontana Inc.
Cannot be reproduced without written permission.  Box 1262 Trout Creek, MT 59874