Easily configure your OpenLDAP server
The tools has been developed and tested on Debian 9 only. Some packages are
needed:
% apt install debconf ldap-utils slapd
The TLS certificates have been generated by certbot
(Let’s Encrypt).
First you need to generate a dhparam.pem file by using this command:
% openssl dhparam -out /etc/letsencrypt/live/dhparam.pem 4096
The numbits parameter can be replaced by 2048 it the generation take too long.
Then clone the repository and run the slapd-configure script. It will ask you
some questions in order to properly configure your OpenLDAP server:
% git clone https://github.com/jmlemetayer/slapd-configure.git% ./slapd-configure/slapd-configureRemove old database? [Y/n] yEnter Admin Password: ********Retype Admin Password: ********Enter Config Password: ********Retype Config Password: ********Enter Read Only Password: ********Retype Read Only Password: ********TLS private key file (privkey.pem): /etc/letsencrypt/live/ldap.jml.bzh/privkey.pemTLS server certificate file (cert.pem): /etc/letsencrypt/live/ldap.jml.bzh/cert.pemTLS CA certificate file (fullchain.pem): /etc/letsencrypt/live/ldap.jml.bzh/fullchain.pemTLS DH parameter file (dhparam.pem): /etc/letsencrypt/live/dhparam.pem
The slapd-configure script has been inspired by the
@osixia/docker-openldap project.
The slapd-configure script is released under the MIT License.