In the previous recipe, we installed the LDAP service, but working with LDAP using the command line interface is quite a complex and lengthy task. This recipe covers the installation of a user interface, phpLDAPadmin. The phpldapadmin
package provides an easy-to-use web-based user interface for the LDAP service.
Follow these steps to install phpLDAPadmin:
$ sudo apt-get install phpldapadmin
http://youServerIP/phpldapadmin
./etc/phpldapadmin/config.php
. By default, phpLDAPadmin shows warning messages for unused template files. These warning messages get shown in the main interface before the actual content. To hide them, search for hide_template_warning
in the configuration file and set it to true
. You will also need to uncomment the same line:$config->custom->appearance['hide_template_warning'] = true;
$servers->setValue('server','host','127.0.0.1'); $servers->setValue( 'login','bind_id', 'cn=admin,dc=example, dc=com' ); $servers->setValue( 'server','base',array('dc=example,dc=com') );
connection is unencrypted
. This is just a reminder that you are using the admin console over a non-HTTPs connection. You can set up Apache with SSL certificates to get an encrypted, secure connection with your LDAP server. Check Chapter 3, Working with Web Servers, for more details on how to set up SSL certificates on the Apache web server.While clicking on some of these templates, for example Generic: User Account, you may notice a PHP error saying Error trying to get non-existent value
. The form rendering fails and you cannot see the complete form the with submit button. This is a small bug and can be fixed with a small edit.
Open /usr/share/phpldapadmin/lib/TemplateRender.php
.
Search for the following line:
$default = $this->getServer() ->getValue('appearance','password_hash');
Now update the preceding command as follows:
$default = $this->getServer() ->getValue('appearance','password_hash_custom');
Now you are ready to create groups and respective user accounts on your LDAP server.
In this recipe, we have installed a web-based administration console for the LDAP server. The ldap-utils
package provides various commands to work with the LDAP server, but it is quite a complex and lengthy task. A graphical user interface gives you a better listing of all options and existing configurations, making things a little easier.
The phpLDAPadmin package is a PHP/Apache-based web application that provides a graphical interface for the LDAP server. It displays all options and configurations in an easy-to-use graphical format and passes all user actions to LDAP APIs.
Apache directory studio is another user interface for LDAP administration. It is a desktop application based on Java. You can get more details at https://directory.apache.org/studio/.