Saturday, 8 October 2011

Installing OpenLDAP on Windows 7

The following is a simple guide to installing OpenLDAP for the purpose of trying it out in a dev environment. The installation is on Windows 7. I've written this up as it is something I have to do infrequently and so forget the detail each time. The other online tutorials never seem to go as far as connecting an LDAP browser to the directory server you have just installed.

Download the MSI from http://www.userbooster.de/en/download/openldap-for-windows.aspx

The installation notes are at http://www.userbooster.de/en/support/feature-articles/openldap-for-windows-installation.aspx. The LDAP server requires a database repository; the "Backend Configuration" dialog allows you to choose from BDB, LDAP, LDIF and SQL-Server.



The easiest option is the LDIF backend, as this is merely a directory of LDIF files.

Running the LDAP

You can either start it as a Windows service or just run the "run.cmd" file that is provided in the C:\Program Files (x86)\OpenLDAP\run folder. I prefer to just run the cmd file, as it's not something I need running all the time, and with a command console any errors are displayed immediately. Launch "run.cmd" as Administrator (right-click the icon and select "run as Administrator"). If you have Windows Firewall running, it will prompt you to allow it access. Select the "Private networks, such as my home or work network" option. You need to leave that command window open, as it is the OpenLDAP process. To stop OpenLDAP, just close the window.

Connect an LDAP browser

Once installed, the cn=Manager,dc=maxcrc,dc=com user is available to bind with, but the dc=maxcrc entry needs adding before you can successfully connect an LDAP browser. OpenLDAP has command-line utilities in the ClientTools folder that allow you to do this. Change to this folder (c:\Program Files (x86)\OpenLDAP\ClientTools), then paste the following command:
ldapmodify.exe -a -x -D cn=Manager,dc=maxcrc,dc=com -w secret -f ..\maxcrc.ldif


If successful, you'll see the following output:

adding new entry "dc=maxcrc,dc=com"

adding new entry "ou=People,dc=maxcrc,dc=com"


You now have an organisational unit called "People" under the dc maxcrc. This is somewhere you can start creating new user objects (or whatever type of object you want). Now we are going to connect the LDAP browser JXplorer. Download and install it from http://jxplorer.org/downloads/users.html

There are no configuration options during the install. Run JXplorer, then select Connect from the File menu. You will see an "Open LDAP/DSML Connection" dialog. Enter the details as follows:



Then click OK. After a short pause (5-10 seconds on my laptop, but it is only an i3 1.33 GHz), the explorer pane on the left should be populated with a small tree structure:


We are now going to add a new user. Select the People organisational unit, then press Ctrl+N. Select inetorgperson from the "Available classes" window and enter cn=user1 for the RDN:


Click the OK button. You will now see the "Table Editor" in the right hand pane. The fields in bold are mandatory for the given object class. We need to populate the sn field before we can add our new user:



Enter a surname and then press the "Submit" button at the bottom of the pane. Our user has now been added to the directory server. If you check the folder "C:\Program Files (x86)\OpenLDAP\ldifdata\dc=maxcrc,dc=com\ou=people" you will see a new file called "cn=user1". Do not tweak these files directly; use the LDAP browser.
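
The mandatory-field rule from the Table Editor step (sn must be set before the inetorgperson entry is accepted) can also be checked on an LDIF file before it is handed to ldapmodify. The Python script below is an added example, not part of the original post or of OpenLDAP; the function names, the REQUIRED table and the sample entries are constructed for illustration. It assumes DNs without escaped commas and covers only the object classes used in this guide.

```python
import base64

# MUST attributes per object class; inetOrgPerson inherits cn and sn from person.
REQUIRED = {"inetorgperson": {"cn", "sn"}, "organizationalunit": {"ou"}, "domain": {"dc"}}

def parse_ldif(text):
    """Parse LDIF text into a list of dicts: lowercase attribute -> list of values."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")  # undo RFC 2849 line folding
    entries = []
    for block in unfolded.split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            attr, _, value = line.partition(":")
            if value.startswith(":"):  # "attr:: value" means the value is base64
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            entry.setdefault(attr.strip().lower(), []).append(value.strip())
        entries.append(entry)
    return [e for e in entries if "dn" in e]

def problems(entry):
    """List missing MUST attributes, plus an RDN value that is absent from the entry."""
    needed = {a for c in entry.get("objectclass", []) for a in REQUIRED.get(c.lower(), ())}
    found = ["missing " + a for a in sorted(needed - set(entry))]
    attr, _, value = entry["dn"][0].split(",", 1)[0].partition("=")
    have = [v.lower() for v in entry.get(attr.strip().lower(), [])]
    if value.strip().lower() not in have:
        found.append("RDN value not in entry")
    return found

def validate(text):
    return {e["dn"][0]: problems(e) for e in parse_ldif(text)}  # dn -> list of problems

SAMPLE = """\
# constructed sample, not a file shipped with the installer; user2's dn is folded
dn: cn=user1,ou=People,dc=maxcrc,dc=com
objectClass: inetOrgPerson
cn: user1

dn: cn=user2,ou=People,
 dc=maxcrc,dc=com
objectClass: inetOrgPerson
cn: user2
sn:: U8O4cmVuc2Vu
"""

if __name__ == "__main__":
    print(validate(SAMPLE))
```

An entry with an empty problem list passes these two checks only; the directory server still applies its full schema when the entry is added.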

21 comments:

  1. Hi soswin
    Thanks for sharing this information. It's very useful to start with OpenLDAP. And yes, this information is not available in other tutorials.

  2. Thank you very much... it's very useful to start my OpenLDAP

    1. Hello Mohan,
      I saw your comment on the site, can you please help me with this?
      I also want to install and need to add a user in LDAP, please suggest.
      ankush.bhandari@9abusiness.com

  3. Does it work in Windows 7 Home Premium?

  4. Guys I need some help here please...
    Trying to install and run a LDAP server on a Windows Server 2008 machine but no good... always some kind of error...
    I installed with all the default settings and with a LDIF backend.
    When I run the run.cmd command I get this:

    D:\OpenLDAP>slapd -d 1 -h "ldaps:/// ldap:///" -f .\slapd.conf
    ldap_url_parse_ext(ldap://localhost/)
    ldap_init: trying %SYSCONFDIR%\ldap.conf
    ldap_init: HOME env is NULL
    ldap_init: trying ldaprc
    ldap_init: LDAPCONF env is NULL
    ldap_init: LDAPRC env is NULL
    51eeb28a OpenLDAP 2.4.34 Standalone LDAP Server (slapd)51eeb28a daemon_init: listen on ldaps:///
    51eeb28a daemon_init: listen on ldap:///
    51eeb28a daemon_init: 2 listeners to open...
    ldap_url_parse_ext(ldaps:///)
    51eeb28a daemon: bind(2) failed errno=10013 (WSAEACCES)
    51eeb28a daemon: bind(3) failed errno=10013 (WSAEACCES)
    51eeb28a slap_open_listener: failed on ldaps:///
    51eeb28a slapd stopped.
    51eeb28a connections_destroy: nothing to destroy.

    Any ideas?!?

    1. You probably have another process already listening at port 389 (the standard LDAP port). Type "netstat -aon" to verify this. Perhaps OpenLDAP already runs as a service or you have an AD on your server.

  5. Thank you! I just want to echo other people's comments - it's very helpful.

  6. Thank you! It helped me a lot

  7. This is a great guide, I have managed to get an LDAP server up and running. I want to change the Base DN name; can someone please advise me on how to change this?
    Many thanks

  8. How can I start LDAP as LDAPS (secure SSL LDAP)?

  9. I have a problem with the setup of OpenLDAP on Windows 7

  10. Very good material. Thanks for the great help

  13. Hi,
    I want to do Windows authentication through LDAP. I have done the OpenLDAP & LDAP setup and configuration as you suggested.
    Now I need to fetch users' credentials through Java code. Can I get the Java code where I can get the users' data from JXplorer, match the credentials (ID, Pass) from the user's machine, and then process to the next page?
    Please do reply. I'm in need. Thanks

  14. I have one issue with OpenLDAP: for 10 transactions of reset password, every request is working fine, but on the 11th reset of a user I am getting the error "LDAPException: Connection closed by the application disconnecting (91) Connect Error",
    Can anyone help me to solve this issue?

  16. Hi, I would like to ask: if I want to add another dc into com so that I have dc=maxcrc,dc=com and dc=new,dc=com, how do I do it? I tried by new entry but it wouldn't

  17. Thanks, this tutorial has been very helpful for me
