Home HowTos Directory Server

Directory Server HowTos OpenLDAP

Install and Setup

phpLDAPadmin on
Ubuntu 20.04
By gen_too - May 9, 2020 3187 1

phpLDAPadmin (also known as PLA) is a

web-based application written in PHP for
administering LDAP servers. In this guide,
you will learn how to install and setup
phpLDAPadmin on Ubuntu 20.04. PLA is
designed to manage records in an LDAP
server, including creating, modifying,
deleting records.

Learn how to install and setup OpenLDAP

server with SSL/TLS on Ubuntu 20.04 by
following the link below;

Install and Setup OpenLDAP Server on

Ubuntu 20.04

Install and Setup

phpLDAPadmin on
Ubuntu 20.04

Install phpLDAPadmin on
Ubuntu 20.04
phpLDAPadmin is available on Ubuntu
20.04 repos;

apt show phpldapadmin

Package: phpldapadmin
Version: 1.2.2-6.3
Priority: extra
Section: universe/admin
Origin: Ubuntu
Maintainer: Ubuntu Developers
ubuntu-devel-
discuss@lists.ubuntu.com
Original-Maintainer: Fabio
Tranchitella
kobold@debian.org
Bugs:
https://bugs.launchpad.net/ubuntu/+filebug

Installed-Size: 4,686 kB
Depends: php, php-ldap, php-
xml, ucf (>= 0.28), debconf
(>= 0.5) | debconf-2.0
Download-Size: 719 kB
APT-Sources:
http://us.archive.ubuntu.com/ubuntu
focal/universe amd64
Packages

You can simply install it by running the

command below;

apt install phpldapadmin

Note that will install phpLDAPadmin with

PHP 7.4. So expect a number of warnings
on deprecation when running
phpLDAPadmin.

Configuring phpLDAPadmin
on Ubuntu 20.04
The default configuration file for
phpLDAPadmin is
/etc/phpldapadmin/config.php .
This is the file that we are going to edit to
make our configuration changes as per
LDAP server settings.

vim
/etc/phpldapadmin/config.php

The configuration file is highly

commented. We are only going to make a
few changes in this demo, enough to
access and run phpLDAPadmin to
administer LDAP server.

Set a suitable name for your LDAP server.

This is the name that will appear on
phpLDAPadmin web interface.

/*********************************************

* Define your LDAP servers

in this section *

*********************************************/

...
...
/* A convenient name that
will appear in the tree
viewer and throughout
phpLDAPadmin to identify
this LDAP server to users. */
$servers-
>setValue('server','name','Kifarunix-
demo LDAP Server');
...

Define the IP address or resolvable

hostname of your OpenLDAP server;

$servers-
>setValue('server','host','ldap.kifarunix-
demo.com');

Define the port on which your OpenLDAP

server is listening on. In our demo, our
OpenLDAP is configured with StartTLS
(port 389).

/* The port your LDAP server

listens on (no quotes). 389
is standard. */
$servers-
>setValue('server','port',389);

Set the OpenLDAP base DN. In our setup,

OpenLDAP base DN is set to
dc=kifarunix-demo,dc=com .

/* Array of base DNs of your

LDAP server. Leave this blank
to have phpLDAPadmin
auto-detect it for you. */
$servers-
>setValue('server','base',array('dc=kifarunix-
demo,dc=com'));

Define your phpLDAPadmin

authentication type. In this demo, we
choose the default authentication type,
session .

$servers-
>setValue('login','auth_type','session');

Define the Bind DN of the administrative

user to login to phpLDAPadmin;

$servers-
>setValue('login','bind_id','cn=admin,dc=kifar
demo,dc=com');

You can optionally specify an attribute to

use when logging in. In our case, we want
to use full DN,
cn=admin,dc=kifarunix-
demo,dc=com , for logging in.

$servers-
>setValue('login','attr','dn');

Configure user ID auto increment when

creating users from phpLDAPadmin web
interface. This ensures that you do not re-
use already assigned user and group IDs.
In this setup, we choose the ID from
10000.

/* The minimum number to use

when searching for the next
available number
(only when 'search' is used
for auto_number. */
$servers-
>setValue('auto_number','min',array('uidNumber

That is all the changes we could make in

this guide. Go through the configuration
file and choose any other option you want
to configure.

Save and exit the file once done with

configuration.

Configure Apache for

phpLDAPadmin
If you need to make any changes on
phpLDAPadmin Apache configuration,
edit the file, /etc/apache2/conf-
available/phpldapadmin.conf and
make your changes. We go with the
default settings in our case.

Disable Apache default site (with welcome

page)

a2dissite 000-default.conf

Open Apache on firewall to allow external

access.

ufw allow 80/tcp

Restart Apache;

systemctl restart apache2

Accessing phpLDAPadmin
on Browser
You can access phpLDAPadmin using the
address, http://server-IP-or-
Hostname/phpldapadmin .

If you get the warning,

Deprecated: Array and string
offset access syntax with curly
braces is deprecated in
/usr/share/phpldapadmin/lib/functions.php
on line 1614 , you can simply replace
the curly braces ( {} ) with square
brackets ( [] ) on the affected line, 1614.


Click login to login to you phpLDAPadmin
web user interface. Since we already
defined the admin Bind DN, simply enter
the password and login;

Upon successful authentication, you land

on phpLDAPadmin dashboard.

You can now administer your LDAP server

with web interface.

Create LDAP User on

phpLDAPadmin
As an example, we will learn how to create
an LDAP user and its group using
phpLDAPadmin.

Create user posixGroup

Click ou=group . Then click Create

new entry here {option 1} or click
Create a child entry {option 2}.

Next, click Generic: Posix Group

template for creating an LDAP user group.

Enter name of the group, which in this

case we set it to be same as the uid of the
user we are going to create. If you
noticed, the group is autopopulated.

If you want any other users to be part of

the group, select their usernames. Click
Create Object once done and
commit the changes.

Create user posixAccount

Once you have a user group created,

proceed to create the user account. Click
on ou=people and similarly, you have
two options, either click Create new
entry here or click Create a child
entry .

Select the Generic: User Account

template for creating user object.

Generate user password hash;

slappasswd

New password: password

Re-enter new password:
password
{SSHA}vrJOf+/AFD9pdGKo/azGavDfbZ8OGJX1

If you need to verify if the password

matches the pasted hash, click check
password.

When you set the password, select ssha

and paste the hash above as the
password.

Fill in the user details appropriately as

shown in the screenshot below;

Once done, click Create Object once

done and commit the changes.

Note, to be able to have bash among the

shell options, edit the posixAccount
creation template and add bash option by
running the command;

sed -i '/<value
id="\/bin\/tsh">\/bin\/tsh<\
/value>/a \\t<value
id="/bin/bash">\/bin\/bash<\
/value>'
/etc/phpldapadmin/templates/
creation/posixAccount.xml

If you have the user information in an LDIF

file, you can import this file by clicking
import at the top menu bar on the left
pane.

To confirm the user creation on

OpenLDAP server backend;

ldapsearch -H ldapi:/// -Y
EXTERNAL -b "dc=kifarunix-
demo,dc=com" "(&
(objectclass=posixAccount)
(uid=janedoe))" -LLL -Q

dn:
cn=janedoe,ou=people,dc=kifarunix-
demo,dc=com
cn: janedoe
givenName: Jane
gidNumber: 10001
homeDirectory: /home/janedoe
sn: Doe
loginShell: /bin/bash
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
uidNumber: 10001
uid: janedoe
userPassword::
e1NTSEF9Y1VNNWx1UWM0Sjl5WlhnZWJZTHkwMjRhTmszdl

ldapsearch -H ldapi:/// -Y
EXTERNAL -b "dc=kifarunix-
demo,dc=com" "(&
(objectclass=posixGroup)
(cn=janedoe))" -LLL -Q

dn:
cn=janedoe,ou=groups,dc=kifarunix-
demo,dc=com
gidNumber: 10001
cn: janedoe
objectClass: posixGroup
objectClass: top

You can explore the functionality of this

tool further. That marks the end of our
guide on how to install and setup
phpLDAPadmin on Ubuntu 20.04.

Related Tutorials
Install phpLDAPadmin on CentOS 8

Configure SSSD for LDAP Authentication

on Ubuntu 20.04

Setup OpenLDAP Master-Slave

Replication on CentOS 8

How to Configure DokuWiki OpenLDAP

Authentication

TAGS install phpldapadmin on ubuntu

install phpldapadmin on ubuntu 20.04

phpldapadmin phpldapadmin ubuntu 20.04

Ubuntu 20.04

Previous article Next article

Install and Setup Install Foxit PDF

OpenLDAP Server Reader on Ubuntu
on Ubuntu 20.04 20.04

gen_too
https://kifarunix.com/

Co-founder of Kifarunix.com, Linux Tips

and Tutorials. Linux/Unix admin and
author at Kifarunix.com.

RELATED ARTICLES

Quick Way to Install

LEMP Stack on
Debian 11
gen_too -
September 19, 2021

How To Safely
Download And Watch
Movies
koromicha -
September 17, 2021

Install and Setup

OpenLDAP Server on
Debian 11
gen_too -
September 16, 2021

Install ClamAV on
Debian 11
koromicha -
September 14, 2021

Do You Own An
Online Business?
Hereʼs How To
Monitor Your...
koromicha -
September 12, 2021

Install Guacamole on
Debian 11
koromicha -
September 11, 2021

1 COMMENT

Seb March 25, 2021 At 03c26

I followed these steps exactly, and
I get 2 errors :

Unable to connect to LDAP server

Kifarunix-demo LDAP Server
Error: Canʼt contact LDAP server
(-1) for user
error Failed to Authenticate to
server
Invalid Username or Password.

Despite typing the exact same

password Iʼve typed during your
openLDAP installation guide on
Ubuntu 20.04
(https://kifarunix.com/install-and-
setup-openldap-server-on-
ubuntu-20-04/#comment-30697)
Reply

LEAVE A REPLY

Comment:

Name:*

Email:*

Website:

Save my name, email, and website in this

browser for the next time I comment.

POST COMMENT

ABOUT US

Kifarunix is a blog dedicated to providing

tips, tricks and HowTos for *Nix
enthusiasts; Command cheat sheets,
monitoring, server configurations,
virtualization, systems security,
networking…the whole FOSS
technologies. The major aim of all this is
to share our *Nix skills and knowledge
with anyone who is interested especially
the upcoming system admins. Stay
connected and let us grow together.

FOLLOW US

Home Contact Us About Us