Welcome to FreeSoftwareServers Confluence Wiki

sudo su
apt-get update
apt-get install -y apache2 slapd ldap-utils phpldapadmin

Replace the dc= components and the ldap:// address with your own configuration!

sh -c 'echo "BASE dc=freesoftwareservers,dc=com\nURI ldap://192.168.1.255" >> /etc/ldap/ldap.conf'
dpkg-reconfigure slapd

Enter the following:

NO
freesoftwareservers.com
freesoftwareservers
Admin PWD (note: this is the password of the LDAP user "Admin"; it doesn't have to be the root/sudo user's password)
Admin PWD
HDB
NO
YES
NO

Set homedir = /home/$username

var="/home/users/"
var2="/home/"
sed -i -e  "s|$var|$var2|g" /etc/phpldapadmin/templates/creation/posixAccount.xml

Enable the /bin/bash login shell: open the template and make the loginShell attribute read as follows.

nano /etc/phpldapadmin/templates/creation/posixAccount.xml
<attribute id="loginShell">
        <display>Login shell</display>
        <order>9</order>
        <page>1</page>
        <!-- <value><![CDATA[=php.PickList(/;(&(objectClass=posixAccount));loginShell;%loginShell%;;;;loginShell)]]></value> -->
        <type>select</type>
        <value id="/bin/sh">/bin/sh</value>
        <value id="/bin/csh">/bin/csh</value>
        <value id="/bin/tsh">/bin/tsh</value>
        <value id="/bin/bash">/bin/bash</value>
</attribute>

Create the openssh-lpk schema file:

cat << 'EOL' > ~/openssh-lpk.ldif
dn: cn=openssh-lpk,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: openssh-lpk
olcAttributeTypes: ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey' 
  DESC 'MANDATORY: OpenSSH Public key' 
  EQUALITY octetStringMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
olcObjectClasses: ( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY
  DESC 'MANDATORY: OpenSSH LPK objectclass'
  MAY ( sshPublicKey $ uid ) 
  )
EOL

Enable the public key attribute:

ldapadd -Y EXTERNAL -H ldapi:/// -f ~/openssh-lpk.ldif

Replace freesoftwareservers and 192.168.1.255 with your own values. Run the third line only if you don't use .com, replacing {org,net,edu} with your own suffix.

sed -i -e 's/127\.0\.0\.1/192.168.1.255/g' /etc/phpldapadmin/config.php
sed -i -e 's/dc=example/dc=freesoftwareservers/g' /etc/phpldapadmin/config.php
sed -i -e 's/dc=com/dc={org,net,edu}/g' /etc/phpldapadmin/config.php

Leave this as is

sed -i -e 's/password_hash/password_hash_custom/g' /usr/share/phpldapadmin/lib/TemplateRender.php 
sh -c 'echo "RedirectMatch ^/$ /phpldapadmin/" >> /etc/apache2/apache2.conf'
ufw allow 389
ufw allow 80
service apache2 restart
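
The openssh-lpk schema loaded above lets the directory store each user's SSH public key in sshPublicKey. As an added example (not part of the original page), this helper turns ldapsearch output into authorized_keys lines, handling folded and base64-encoded values. It assumes anonymous read access to sshPublicKey and that sshd calls lookup_keys through AuthorizedKeysCommand with the username as the first argument; all function names and the sample data are made up for illustration.

```shell
# Added example: ldapsearch LDIF -> authorized_keys lines (function names are hypothetical).
NL='
'

# Join LDIF continuation lines (a line starting with one space continues the previous one).
unfold_ldif() {
    awk 'NR > 1 && /^ / { buf = buf substr($0, 2); next }
         NR > 1 { print buf }
         { buf = $0 }
         END { if (NR) print buf }'
}

# Read LDIF on stdin, print one key per line ("attr: v" is plain text, "attr:: v" is base64).
extract_ssh_keys() {
    unfold_ldif | while IFS= read -r line; do
        case $line in
            "sshPublicKey:: "*) key=$(printf '%s' "${line#sshPublicKey:: }" | base64 -d 2>/dev/null) || continue ;;
            "sshPublicKey: "*)  key=${line#sshPublicKey: } ;;
            *) continue ;;
        esac
        case $key in
            *"$NL"*) ;;   # drop values that decode to more than one line
            ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) printf '%s\n' "$key" ;;
        esac
    done
}

# Accept only plain usernames, so the name cannot alter the LDAP search filter.
valid_uid() {
    case $1 in ''|-*|*[!a-z0-9_.-]*) return 1 ;; esac
}

# Query for one user; BASE and URI come from /etc/ldap/ldap.conf written earlier on this page.
lookup_keys() {
    valid_uid "$1" || return 1
    ldapsearch -x -LLL "(&(objectClass=posixAccount)(uid=$1))" sshPublicKey | extract_ssh_keys
}

# Constructed sample of ldapsearch output: a plain key, a folded base64 key, a non-key value.
sample_ldif() {
    printf '%s\n' 'dn: uid=bob,ou=people,dc=freesoftwareservers,dc=com' \
        'sshPublicKey: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleOnly bob@laptop' \
        'sshPublicKey:: c3NoLXJzYSBB' ' QUFBIGJvYkB4' 'sshPublicKey: not-a-key' ''
}

sample_ldif | extract_ssh_keys   # offline demo on the constructed sample
```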