Ray: Experimental

Synology DS207+ usage series 9 - Setup OpenLDAP on DS207+

Setting up OpenLDAP is easy; the only thing that took time for a new user like me was creating a syntax-error-free LDIF file that could be imported into the system :-/

Pre-requisites:

  1. The diskstation is already bootstrapped.
  2. Telnet or SSH is enabled.

Click the link below for the procedure that I followed to set up and configure OpenLDAP on DS207+/DS101j

* Also tested on DS101j


Install OpenLDAP

  1. Telnet/SSH to the diskstation
  2. # ipkg -force-depends install openldap
  3. Edit /opt/etc/openldap/slapd.conf and include at least the following schemas
    
    include /opt/etc/openldap/schema/core.schema
    include /opt/etc/openldap/schema/cosine.schema
    include /opt/etc/openldap/schema/inetorgperson.schema
    include /opt/etc/openldap/schema/misc.schema
    include /opt/etc/openldap/schema/openldap.schema
    
    
  4. Create the hashed password for the administrator
    # slappasswd
    # New password:
    # Re-enter new password:
    {SSHA}xxxxxxxxxxxxxxxxxxxxxxx
    

    The line starting with {SSHA} is the hashed password we need to copy and paste into slapd.conf.

  5. Edit /opt/etc/openldap/slapd.conf and change the following lines:
    
    ## suppose your domain name is mydomain.com, change to your own domain
    suffix          "dc=mydomain,dc=com"
    rootdn          "cn=[your ldap admin username],dc=mydomain,dc=com"
    rootpw          [your hashed password here]
    
    
  6. Add the following ACL to slapd.conf
    access to attrs=userPassword
     by dn="cn=[your ldap admin username],dc=mydomain,dc=com" write
     by anonymous auth
     by self write
     by * none
    
    access to dn.regex=".*,dc=mydomain,dc=com"
     by dn="cn=[your ldap admin username],dc=mydomain,dc=com" write
     by users read
     by anonymous auth
    
  7. Now the setup is completed! Run the OpenLDAP server manually
    
    # /opt/etc/init.d/S58slapd
    
    
  8. If setup is correct, there should be a few slapd instances running
    
    # ps auxwww | grep slapd
    
    

    If it is not running, check slapd.conf for errors.
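
The {SSHA} value from step 4 is base64(SHA-1(password + salt) + salt), so the rootpw pasted in step 5 can be checked offline against the password you intend to bind with. The Python below is an added example, not part of the original post; the function names, the sample password and the sample configuration are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional


def make_ssha(password: str, salt: Optional[bytes] = None) -> str:
    """Build base64(SHA1(password + salt) + salt) with the {SSHA} prefix."""
    salt = os.urandom(4) if salt is None else salt  # salt length is an assumption
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def check_ssha(password: str, rootpw: str) -> bool:
    """Return True if password matches an {SSHA} rootpw value."""
    scheme, sep, b64 = rootpw.strip().partition("}")
    if not sep or scheme.upper() != "{SSHA":
        raise ValueError("not an {SSHA} value (wrong scheme or bad paste?)")
    raw = base64.b64decode(b64, validate=True)  # raises on non-base64 input
    if len(raw) <= 20:
        raise ValueError("no salt after the 20-byte SHA-1 digest")
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)  # constant-time compare


def rootpw_from_conf(conf_text: str) -> str:
    """Extract the rootpw value from slapd.conf text."""
    for line in conf_text.splitlines():
        fields = line.split(None, 1)
        if len(fields) == 2 and fields[0] == "rootpw":
            return fields[1].strip()
    raise ValueError("no rootpw line found")


# Constructed sample: hash generated here from a made-up password and salt.
SAMPLE_CONF = (
    'suffix          "dc=mydomain,dc=com"\n'
    'rootdn          "cn=admin,dc=mydomain,dc=com"\n'
    "rootpw          " + make_ssha("correct horse", b"salt") + "\n"
)

if __name__ == "__main__":
    stored = rootpw_from_conf(SAMPLE_CONF)
    print("right password:", check_ssha("correct horse", stored))
    print("wrong password:", check_ssha("Correct horse", stored))
```

A ValueError here points at a damaged or truncated paste in slapd.conf, while a clean False means the hash is intact but the password typed at bind time differs from the one given to slappasswd.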

6 comments to Synology usage series 9 – Setup OpenLDAP on DS207+

  • Luki

    Hi
    Your tutorial is perfect
    I have a DS110j and I’ve done everything and it works, but I can’t put the LDIF file into LDAP

    I get
    ldap_bind: Invalid credentials (49)

    I have checked everything but I’m missing something.

    Please can You help ??

    Thank you

  • Luki

    Please can You help me – if it is necessary I can set up my Synology on an external IP so that You could see it :) Thank You for Your help

    • Ray

      LDAP schema is a pain to learn.

      I’m not familiar with LDAP schema. I’m afraid I don’t have enough skill to debug your LDIF.

      I’m also new to LDAP things. It took me a couple of days to write the LDIF sample in page 2 -_-;

      By the way, make sure you are binding as the LDAP administrator when running ldapadd (make sure the password is correct)

      Good Luck!

  • Luki

    How can I check if the password is OK? I used slappasswd and got a password in ssh hash and I have put it in slapd.conf

    What else can I check ??

  • Luki

    Hi
    Now I can confirm that it works perfectly on DS110j.

    Thanks to You Ray.

    Keep up the good work… and good luck.
