Adding the Logins
To finish the LDAP server, you will have to populate the database with the login information for your users. Assuming that your users already have a login on the Ubuntu server where your LDAP database is held, this is a simple process. There is a package called migrationtools that will assist in migrating your current information into the database. To install it, type the command "sudo apt-get install migrationtools".
Before using the tools, you will have to provide your server information in the file /usr/share/migrationtools/migrate_common.ph. Open the file with the command "sudo gedit /usr/share/migrationtools/migrate_common.ph" and look for the following lines, around line 70:
# Default DNS domain
$DEFAULT_MAIL_DOMAIN = "example.com";
# Default base
$DEFAULT_BASE = "dc=example,dc=com";
Place the complete domain name in the $DEFAULT_MAIL_DOMAIN variable. The $DEFAULT_BASE variable splits the domain into the domain components.
Once that is done, you will have to export your current group and password information into a form that can be read by the LDAP database. To do that, change to the /usr/share/migrationtools directory, where the migration scripts are installed, and type the following commands:
./migrate_group.pl /etc/group ~/group.ldif
./migrate_passwd.pl /etc/passwd ~/passwd.ldif
You have to create one more .ldif file before the database can be populated. This file creates the Group and People nodes in the LDAP directory. Create a plain text file called people.ldif in your home directory and place the following information in it:
dn: ou=People,dc=example,dc=com
objectClass: organizationalUnit
ou: People

dn: ou=Group,dc=example,dc=com
objectClass: organizationalUnit
ou: Group
Once the .ldif files are created, you can then import the information into the LDAP database by issuing the following commands from your home directory:
ldapadd -x -W -D "cn=admin,dc=example,dc=com" -f ~/people.ldif
ldapadd -x -W -D "cn=admin,dc=example,dc=com" -f ~/group.ldif
ldapadd -x -W -D "cn=admin,dc=example,dc=com" -f ~/passwd.ldif
The -x option says to use simple authentication instead of SASL. The -W option says to prompt for a password. The -D option specifies the DN to bind as, here the administrator. The -f option says where to find the .ldif file. Once this is done you have an LDAP server that is ready to accept authentication requests from clients.
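Before running the ldapadd commands above, it is worth checking what the export actually contains, since /etc/passwd also lists root and service accounts. The following script is an added example, not part of the original article or of migrationtools: it flags entries in a passwd-style LDIF whose uidNumber is below an assumed cutoff (MIN_UID, default 1000) or whose userPassword is only a placeholder. The function names, the cutoff, the sample entries and the {crypt} prefix on password values are assumptions.

```shell
#!/bin/sh
# Added example: audit a passwd-style LDIF before importing it with ldapadd.
# Assumptions: regular users start at UID 1000 (override with MIN_UID) and
# password values carry the {crypt} prefix; base64 "dn::" lines are not decoded.

audit_ldif() {
    # $1 = LDIF file ("-" for stdin). Prints one "<finding> <dn>" line per problem.
    awk -v min_uid="${MIN_UID:-1000}" '
        function check_entry() {
            if (dn == "") return
            # System and service accounts rarely belong in a shared directory.
            if (uid != "" && uid + 0 < min_uid) print "system-account " dn
            # Placeholder or locked values mean no real hash was exported.
            bad = (pw == "{crypt}" || pw == "{crypt}x" || pw == "{crypt}*")
            if (bad || substr(pw, 1, 8) == "{crypt}!") print "no-usable-hash " dn
            dn = ""; uid = ""; pw = ""
        }
        /^dn: /           { check_entry(); dn = substr($0, 5) }
        /^uidNumber: /    { uid = $2 }
        /^userPassword: / { pw = $2 }
        /^$/              { check_entry() }
        END               { check_entry() }
    ' "$1"
}

sample_ldif() {
    # Constructed sample in the shape of a passwd export (not real data).
    cat <<'EOF'
dn: uid=root,ou=People,dc=example,dc=com
uid: root
uidNumber: 0
userPassword: {crypt}x

dn: uid=alice,ou=People,dc=example,dc=com
uid: alice
uidNumber: 1000
userPassword: {crypt}$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH

dn: uid=bob,ou=People,dc=example,dc=com
uid: bob
uidNumber: 1001
userPassword: {crypt}x
EOF
}

# Audit the file named on the command line, or the sample when none is given.
if [ -n "${1:-}" ]; then audit_ldif "$1"; else sample_ldif | audit_ldif -; fi
```

Run it as "sh audit_ldif.sh ~/passwd.ldif" (the script file name is hypothetical) and remove or correct any flagged entries in the .ldif file before importing it.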