Introduction

Managing an OpenLDAP database is not always simple, especially when you don’t know all the fields by heart (and there are so many of them).

Here’s a fairly simple web-based interface to use. For those curious about other graphical interfaces (non-web), there are:

Installation

Let’s use the magic command:

1
apt-get install phpldapadmin

Configuration

Minimum Configuration

Edit the file /etc/phpldapadmin/config.php and adapt these lines:

1
2
3
4
5
6
$ldapservers->SetValue($i,'server','name','Deimos LDAP Server');
$ldapservers->SetValue($i,'server','host','127.0.0.1');
$ldapservers->SetValue($i,'server','base',array('dc=deimos,dc=fr'));
$ldapservers->SetValue($i,'server','auth_type','session');
$ldapservers->SetValue($i,'login','dn','cn=admin,dc=deimos,dc=fr');
$ldapservers->SetValue($i,'login','pass','le_bon_mot_de_passe_a_entrer');

Disabling Anonymous Account

Edit the file /etc/phpldapadmin/config.php. First, we don’t need to allow people without accounts to have read access to the LDAP through our new interface. Here’s the line to look for:

1
2
/* Enable anonymous bind login. */
// $ldapservers->SetValue($i,'login','anon_bind',true);

Replace it with:

1
$ldapservers->SetValue($i,'login','anon_bind',false);

Lighttpd

A little configuration for Lighttpd? Let’s go:

1
2
3
4
# Alias for phpldapadmin directory
alias.url += (
   "/phpldapadmin" => "/usr/share/phpldapadmin/htdocs"
)

I think this configuration is not optimal and certainly not very secure, but at least it works.

Last updated 11 May 2009, 11:06 CEST. history