OpenLDAP Installation
BerkeleyDB Installation
The Oracle Berkeley DB family of open source, embeddable databases provides developers with fast, reliable, local persistence with zero administration. Often deployed as "edge" databases, the Oracle Berkeley DB family provides very high performance, reliability, scalability, and availability for application use cases that do not require SQL.
The latest version can be downloaded from Oracle's download page:
mkdir -p /extra/src
cd /extra/src
wget http://download-east.oracle.com/berkeley-db/db-4.7.25.tar.gz
tar zxf db-4.7.25.tar.gz
cd db-4.7.25/build_unix
../dist/configure
make
make install
OpenLDAP Installation
http://www.openldap.org/doc/admin24/quickstart.html
Download the latest OpenLDAP version (2.4.16 at time of writing) and extract the tarball:
cd /extra/src
wget http://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-2.4.16.tgz
tar zxf openldap-2.4.16.tgz
cd openldap-2.4.16
Configure it:
./configure
If you get a "configure: error: BDB/HDB: BerkeleyDB not available" error, then you'll need to set a few environment variables so it can locate your BerkeleyDB install and then run ./configure again:
CPPFLAGS="-I/usr/local/BerkeleyDB.4.7/include"
export CPPFLAGS
LDFLAGS="-L/usr/local/lib -L/usr/local/BerkeleyDB.4.7/lib -R/usr/local/BerkeleyDB.4.7/lib"
export LDFLAGS
LD_LIBRARY_PATH="/usr/local/BerkeleyDB.4.7/lib"
export LD_LIBRARY_PATH
Once you've successfully configured, build and install the programs:
make depend
make
make test
make install
Configuring slapd
Rather than using a plaintext password for rootpw, run /usr/local/sbin/slappasswd to generate a hashed password and use its output as the rootpw value in slapd.conf.
Edit the installed slapd configuration file, /usr/local/etc/openldap/slapd.conf, and give a basic BDB database configuration. (Replace "example" with your domain name, and replace the plaintext "secret" below with the slappasswd output.)
database bdb
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
rootpw secret
directory /usr/local/var/openldap-data
Start up the stand-alone server:
/usr/local/libexec/slapd
Check that it is running and configured correctly by executing a search:
ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
We'll create a test entry to confirm that we can modify the directory. Create a file called ~/test.ldif and put the following in it, substituting your own values as needed:
dn: dc=example,dc=com
objectclass: dcObject
objectclass: organization
o: <Organization Name>
dc: example

dn: cn=Manager,dc=example,dc=com
objectclass: organizationalRole
cn: Manager
Add the contents of the LDIF file to the LDAP server:
ldapadd -x -D "cn=Manager,dc=example,dc=com" -W -f ~/test.ldif
Check that the info was put in:
ldapsearch -x -b 'dc=example,dc=com' '(objectclass=*)'
Stop the daemon once you're done testing it:
killall slapd
The DB_CONFIG file contains options that are used to optimize the database that stores the OpenLDAP directory. There is a DB_CONFIG.example file in /usr/local/var/openldap-data/ that can be used as a base for the DB_CONFIG file.
cd /usr/local/var/openldap-data/
cp DB_CONFIG.example DB_CONFIG
Automatic Startup
Assuming daemontools has already been installed, create a directory for the slapd service:
cd /var/service
mkdir -m 1755 slapd
cd slapd
Create the run script, /var/service/slapd/run, with the following contents:
#!/bin/sh
# daemontools run script for slapd service
# ** "foreground" version **
exec 2>&1
echo "*** Starting slapd..."
exec \
/usr/local/libexec/slapd \
-d 256 \
-f /usr/local/etc/openldap/slapd.conf
Make the script executable, then set up the logging service:
chmod 755 run
mkdir -m 755 log
cd log
wget http://qmail.jms1.net/scripts/run.log
mv run.log run
chmod 755 run
Create a symbolic link in /service to start the service:
ln -s /var/service/slapd /service/
After about 10 seconds, confirm that the service is running:
svstat /service/slapd
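A check for the rootpw advice in the Configuring slapd section, as an added example that is not part of the original page or of OpenLDAP: the shell function audit_rootpw (a hypothetical name) scans a slapd.conf-style file and reports whether each rootpw value is plaintext or carries a {SCHEME} prefix such as the {SSHA} that slappasswd produces by default. The sample_conf helper and the hash-like strings passed to it are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag plaintext rootpw values in a slapd.conf-style file.
# Exit status: 0 = every rootpw is {SSHA}, 1 = plaintext found,
#              3 = hashed with a scheme other than {SSHA}, 2 = unreadable file.
audit_rootpw() {
    conf=$1
    [ -r "$conf" ] || { echo "audit_rootpw: cannot read $conf" >&2; return 2; }
    awk '
        # Directives start in column 1, so "#rootpw ..." comments and
        # whitespace-led continuation lines are skipped by the anchor.
        tolower($0) ~ /^rootpw[ \t]/ {
            seen = 1
            v = toupper($2)          # scheme names are matched case-insensitively here
            sub(/^"/, "", v)         # tolerate a quoted value
            if (match(v, /^[{][A-Z0-9-]+[}]/)) scheme = substr(v, 1, RLENGTH)
            else scheme = ""
            if (scheme == "{SSHA}") {
                verdict = "OK {SSHA} hash"
            } else if (scheme == "" || scheme == "{CLEARTEXT}") {
                verdict = "FAIL plaintext, replace with slappasswd output"
                plain = 1
            } else {
                verdict = "REVIEW scheme " scheme " is not the slappasswd default"
                review = 1
            }
            # Report position and verdict only, never the secret itself.
            printf "%s:%d: rootpw %s\n", FILENAME, NR, verdict
        }
        END {
            if (!seen) print FILENAME ": no rootpw directive"
            rc = plain ? 1 : (review ? 3 : 0)
            exit rc
        }' "$conf"
}

# Constructed sample: the database section from this page with rootpw set to $1.
sample_conf() {
    printf '%s\n' 'database bdb' 'suffix "dc=example,dc=com"' \
        'rootdn "cn=Manager,dc=example,dc=com"' "rootpw $1" \
        'directory /usr/local/var/openldap-data'
}
```

Run it as audit_rootpw /usr/local/etc/openldap/slapd.conf before starting slapd; a non-zero exit status means the rootpw line still needs attention.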