How To Install OpenLDAP Server for Centralized Authentication

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Aaron Kili

Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

7 Responses

  1. Sergio says:

    I’m getting “ldapadd: incompatible with previous authentication choice“ error when typing “sudo ldapadd -Y EXTERNAL -x -D cn=Manager,dc=example,dc=com -W -f baseldapdomain.ldif“ in step 11, any help please?

  2. Lawrence says:

    Install openldap-clients for CentOS

  3. a says:

    openLDAP vs freeIPA

    openLDAP
    • Its good but it lacks integration with Kerberos
    • Supports Debian
    • Good for single authentication rather than single sign-on
    • Good if you need a common repository for user information
    freeIPA
    • FreeIPA is good idea, but its not in Debian’s repos (only sid).
    • We could try to install it from sid, but it’s not stable and production ready. it stable only in RedHat family (centos/fedora).
    • Good for single sign on
  4. sas says:

    OpenLDAP vs Apache DS

    OpenLDAP:
    • More scalable and light weight.
    • Limited tools for managing LDAP Servers. OpenLDAP must be configured via command line using LDIF’s.
    • repetitive work that you have almost certainly have to have a domain administrator doing
    • OpenLDAP crashes under load. They have poor performance in write and mediocre in read only. They both use a BerkeleyDB internally and exhibit similar behavior
    ApacheDS:
    • ApacheDS has a client solution
    • their config’s are separated into XML files.
    • ApacheDS is built on Java and yes you can expect there to be garbage collection.
    • ApacheDS had to be configured with a special option (no write sync) to add initial users or it would have taken an entire week. They are not satisfactory. It looks like there is some sort of internal locking in the ldap or the database which block access to entries and result in shitty performances.
  5. not necessary says:

    So many missing parts…
    I’ve trusted you and you failed me.
    ldapadd command not found
    ldapadd: incompatible with previous authentication choice

  6. vergissmi.net says:

    In step 11 I had to remove -Y EXTERNAL to not get this error:

    ldapadd: incompatible with previous authentication choice
    

    This did work:

    # ldapadd -x -D cn=Manager,dc=example,dc=com -W -f baseldapdomain.ldif
    

    Thank you for the many times you helped me out already!

    • emy says:

      In step 10, when I run the command ldapmodify -Y EXTERNAL -H ldapi:/// -f ldapdomain.ldif, I had this error : (ldap_modify : Invalid DN syntax(34) additional info: invalid DN).

      Help me please..

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.