Symas OpenLDAP Knowledge Base

Symas OpenLDAP for Linux

With the release of RHEL 8 OpenLDAP is no longer integrated as part of the RedHat/CentOS operating systems. Not to worry. Symas has filled the void by providing up-to-date OpenLDAP for Linux packages for RHEL 7 and 8 which completely replace and improve upon those provided by RedHat. Plus, Symas offers superior customer support for OpenLDAP.

Obtaining Symas OpenLDAP for Linux

Visit the following site to find out more information about Symas OpenLDAP for Linux including how to add the necessary repository: https://symas.com/symas-providing-openldap-support-redhat-installed-systems/

Installing Symas OpenLDAP for Linux

NOTE: All commands to be run as the root user

    systemctl stop slapd
    
    yum erase openldap-clients openldap-servers 
    
    wget -q https://repo.symas.com/configs/SOFL/rhel7/sofl.repo -O
    /etc/yum.repos.d/sofl.repo
    
    yum update
    
    yum install symas-openldap-clients symas-openldap-servers 
    
    systemctl start slapd

These steps stop any existing slapd process (specific to RHEL7), remove any existing openldap packages (specific to RHEL7), create the new SOfL repo (use https://repo.symas.com/configs/SOFL/rhel8/sofl.repo for RHEL 8), install the clients and servers packages and start the slapd process. It’s just that easy.

All file locations and functionality match exactly what RHEL built and included previous, but Symas’s packages are always up-to-date with the latest patches and newest features.

Updating Symas OpenLDAP for Linux

As a repo-based software, updating SOfL is as easy as running the following commands as the root user.

    systemctl stop slapd
    
    yum update symas-openldap-clients symas-openldap-servers -y 
    
    systemctl start slapd

Customizing the Default Configuration

Symas OpenLDAP for Linux includes a basic configuration and blank database. The basic configuration allows modifications by the root user only from the command line utilizing the ldapi socket. To utilize an LDAP browser to view the configuration, a root password must be added to the cn=config database definition. To do this create an ldif with the following information (adjust password value as needed):

    vi /tmp/rootpw.ldif
    dn: olcDatabase={2}hdb,cn=config
    changetype: modify
    add: olcRootPW
    olcRootPW: secret

Import it using ldapmodify:

    ldapmodify -H ldapi:/// -f /tmp/rootpw.ldif 

The configuration comes with only the core schema file loaded (essential for the slapd process to start). Add other commonly used schemas with ldapadd commands as follows:

    ldapadd -H ldapi:/// -f /etc/openldap/schema/cosine.ldif 

    ldapadd -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif 

Once necessary schema files have been loaded you can add database content (saved in ldif format) with an ldapadd command. The following example populates the database with content found in a file called db.ldif:

    ldapadd -H ldapi:/// -f /tmp/db.ldif

Support Options

Symas has been the principal contributor to the OpenLDAP Project since its inception. Our engineers developed and maintain over 90% of the OpenLDAP code that the Linux distros are shipping. Until recently, we’ve been supporting only our enterprise version of OpenLDAP, Symas OpenLDAP Gold – but as of 2019, that has changed.

The same team that’s been supporting OpenLDAP for telecoms and Fortune 500 companies can now support your Linux OpenLDAP software.

What You Get

  • Always There. We’re available 24x7x365, with critical issue coverage to ensure you get help when you need it
  • OpenLDAP Experts. Work with engineers who’ve been supporting OpenLDAP since the project began, in configurations ranging from small two- and three-server systems to the biggest, most complicated environments across the globe
  • Backed By the Developers. We employ more OpenLDAP developers than any other organization. We wrote the database, the internals, and just about everything else in OpenLDAP
  • Fixed Price. No cap, no kidding

Reach out to Symas Sales for more information: or call 855-796-2726