The Geek Diary

Linux OS Service ‘ldap’

By admin

Linux provides both server-side and client-side support for the Lightweight Directory Access Protocol (LDAP) facility. This is a standards-based facility, so it is compatible with other LDAP implementations, including Microsoft’s Active Directory. Data suitable for a directory service has low volatility as LDAP is optimized for read-mostly access; database systems are tailored for more volatile data. A classic example of data suitable for directory services is the ordinary telephone directory.

LDAP content is organized according to a data definition language, or schema. Standard schemas are available, but customized schemas are also possible. Much of the value of LDAP lies in consolidating corporate information about resources, such as login passwords, so that administration is centralized.

The Linux LDAP implementation has two main components: slapd, a stand-alone LDAP daemon, and slurpd, a stand-alone LDAP replication daemon. The two daemons work cooperatively, slapd maintaining the local LDAP information and slurpd replicating these changes to additional LDAP directories.

Both these LDAP daemons are configured using a common /etc/openldap/slapd.conf file. The ldap service script also consults the /etc/sysconfig/network configuration file to determine whether the Linux network layer is activated, but no LDAP configuration is done there.

Service Control

How to start or stop this service immediately:

# service ldap start
# service ldap stop

To control the service on future boots:

# chkconfig --list ldap
ldap 0:off 1:off 2:off 3:off 4:off 5:off 6:off
# chkconfig ldap on

To obtain this service, install the openldap-servers package using yum:

Dependencies Resolved

===============================================================================================================================================================================================
 Package                                             Arch                                      Version                                           Repository                               Size
===============================================================================================================================================================================================
Installing:
 openldap-servers                                    x86_64                                    2.4.44-5.el7                                      BAVA                                    2.2 M
Installing for dependencies:
 libtool-ltdl                                        x86_64                                    2.4.2-22.el7_3                                    BAVA                                     49 k
Updating for dependencies:
 openldap                                            x86_64                                    2.4.44-5.el7                                      BAVA                                    354 k

Transaction Summary
===============================================================================================================================================================================================
Install  1 Package  (+1 Dependent package)
Upgrade             ( 1 Dependent package)

Total download size: 2.6 M
Is this ok [y/d/N]: 

Configuration file

The configuration file is /etc/openldap/ldap.conf; its default contents are shown below:

# vi /etc/openldap/ldap.conf
#BASE dc=example, dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666

#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
URI ldap://127.0.0.1/
BASE dc=example,dc=com
TLS_CACERTDIR /etc/openldap/cacerts

This file must be customized prior to starting the LDAP services.
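
One way to check a customized ldap.conf before starting the service is sketched below. This is an added example, not part of the original article or of OpenLDAP: it flags ldap:// URIs that point at non-loopback hosts, a weak TLS_REQCERT value, and a missing CA setting. The finding labels and function names are made up for illustration; URI, TLS_REQCERT, TLS_CACERT and TLS_CACERTDIR are options from ldap.conf(5), and the sample input is constructed from the page's example.com placeholders.

```shell
#!/bin/sh
# Added example: audit an OpenLDAP client ldap.conf for transport-security gaps.
# Prints one finding per line; returns 0 when clean, 1 when anything is flagged.
audit_ldap_conf() {
    findings=$(awk '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        { key = toupper($1) }                   # option names are case-insensitive
        key == "URI" {
            for (i = 2; i <= NF; i++) {
                u = tolower($i)
                # ldap:// to a non-loopback host is cleartext unless StartTLS is used
                if (u ~ "^ldap://" && u !~ "^ldap://(127\\.0\\.0\\.1|localhost|\\[::1\\])?([:/]|$)")
                    print "REMOTE_LDAP_URI " $i
            }
        }
        key == "TLS_REQCERT" { reqcert = tolower($2) }
        key == "TLS_CACERT" || key == "TLS_CACERTDIR" { ca = 1 }
        END {
            # never/allow accept a bad or missing server certificate
            if (reqcert == "never" || reqcert == "allow") print "WEAK_TLS_REQCERT " reqcert
            if (!ca) print "NO_CA_CONFIGURED"
        }' "$1")
    if [ -z "$findings" ]; then return 0; fi
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample: the page's commented-out remote URI line enabled, plus a
# weakened TLS_REQCERT (hostnames are the page's example.com placeholders).
write_sample_conf() {
    cat > "$1" <<'EOF'
#BASE dc=example, dc=com
URI ldap://ldap.example.com ldap://ldap-master.example.com:666
BASE dc=example,dc=com
TLS_REQCERT allow
EOF
}

sample=$(mktemp)
write_sample_conf "$sample"
audit_ldap_conf "$sample" || echo "review the findings above before starting the service"
rm -f "$sample"
```

The default file shown above (loopback URI plus TLS_CACERTDIR) passes with no findings; switching remote entries to ldaps:// and leaving TLS_REQCERT at its default of demand clears the findings for the sample.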


© 2019 · The Geek Diary