OpenLDAP – Installation and configuration

Software Download

Download OpenLDAP Source code from


Pre-work:

Set the environment variable below. The paths may differ depending on where Berkeley DB is installed on your system.

LDFLAGS="-L/usr/local/lib -L/usr/local/berkeleyDB/lib -R/usr/local/berkeleyDB/lib"

export LDFLAGS





Building OpenLDAP Source code: 

Go to the folder where you extracted OpenLDAP.

Run the commands below (if you need TLS support, run configure with the --with-tls flag):

# ./configure 

# make depend

# make

# make test (if this fails, log out, log back in and run this command again)


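Configuring OpenLDAP:


Go to /usr/local/etc/openldap

Update slapd.conf under the title "BDB database definitions":

suffix          "dc=ACME,dc=com"
rootdn          "cn=Manager,dc=idcqa,dc=com"
rootpw          password

Note: Replace "dc=ACME,dc=com" with your required DN. slapd only accepts rootpw when the rootdn lies under the database suffix, so use the same base DN in both lines and in the -D bind DN of the commands further down.

You can store the password as a hash instead of cleartext: run slappasswd to generate the hash and use its output as the rootpw value.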
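
A small lint for the three directives above, added here as an example (not part of the original page): it flags a cleartext rootpw and a rootdn that falls outside the suffix. The function names and the sample input are constructed for illustration; it assumes a single database section and compares DNs as lowercase strings.

```shell
#!/bin/sh
# Added example: lint the suffix/rootdn/rootpw directives of a slapd.conf.
# Assumes one database section; DNs are compared as lowercase strings.

# lint_slapd_conf [FILE]  - reads FILE (or stdin), prints one finding per line.
lint_slapd_conf() {
    awk '
        # Return everything after the directive name, without outer quotes.
        function value(   v) {
            v = $0
            sub(/^[ \t]*[^ \t]+[ \t]+/, "", v)
            sub(/[ \t]+$/, "", v)
            gsub(/^"|"$/, "", v)
            return v
        }
        /^[ \t]*#/ { next }
        tolower($1) == "suffix" { suffix = tolower(value()) }
        tolower($1) == "rootdn" { rootdn = tolower(value()) }
        tolower($1) == "rootpw" { rootpw = value() }
        END {
            # slappasswd output starts with a scheme tag such as {SSHA}.
            hashed = (substr(rootpw, 1, 1) == "{" && index(rootpw, "}") > 2)
            if (rootpw != "" && !hashed)
                print "rootpw is cleartext; replace it with slappasswd output"
            # rootdn must equal the suffix or end with ",<suffix>".
            n = length(rootdn) - length(suffix)
            inside = (rootdn == suffix || (n > 1 && substr(rootdn, n) == ("," suffix)))
            if (rootdn != "" && suffix != "" && !inside)
                print "rootdn \"" rootdn "\" is not under suffix \"" suffix "\""
        }
    ' "${1:--}"
}

# Constructed sample: the three directives as they appear on this page.
sample_conf() {
    cat <<'EOF'
suffix          "dc=ACME,dc=com"
rootdn          "cn=Manager,dc=idcqa,dc=com"
rootpw          password
EOF
}

sample_conf | lint_slapd_conf
```

Run it against a real file with lint_slapd_conf /usr/local/etc/openldap/slapd.conf; no output means neither problem was found.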


Starting the Server

Start the LDAP server using the command below:

/usr/local/libexec/slapd -d127 -h "ldap://:389/ ldaps://:636/" &

This starts the server in debug mode, listening in cleartext on port 389 and over TLS on port 636.

Sample LDIFs 

Use the LDIF below to add your first entry (save it as root.ldif):

dn: dc=ACME,dc=com
dc: ACME
description: ACME Corp.
objectClass: dcObject
objectClass: organization
o: Acme


Command to add the entry to OpenLDAP:

ldapadd -a -h localhost -p 389 -D "cn=Manager,dc=idcqa,dc=com" -w password -f root.ldif -x

# The ldapadd command is installed along with OpenLDAP


Create Group:

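Create an LDIF file (group.ldif) with the following contents to add a group under dc=Acme,dc=com:

# groupOfNames requires at least one member value; u1 is the user created in the next section
dn: cn=group1,dc=acme,dc=com
objectClass: groupOfNames
cn: group1
member: cn=u1,dc=acme,dc=com


Command:   ldapadd -h localhost -p 389 -D "cn=Manager,dc=idcqa,dc=com" -w password -f group.ldif -x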


Creating User 

Create an LDIF file with the following contents:

dn: cn=u1,dc=acme,dc=com
changetype: add
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
sn: u1
cn: u1
userPassword: password