# ldap

# fd



# Installing

```bash
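# Run this block as root: it writes to /usr/share/keyrings and
# /etc/apt/sources.list.d.

# Remove keyrings and source lists left over from earlier attempts. The
# trailing backslashes keep this a single command; without them the shell
# tries to execute the first path on the continuation line.
rm -f -- \
  /usr/share/keyrings/ltb-project-openldap-archive-keyring.gpg \
  /etc/apt/sources.list.d/sury-php.list \
  /etc/apt/sources.list.d/ltb.list \
  /etc/apt/sources.list.d/ltb2.list \
  /etc/apt/trusted.gpg.d/sury-php.gpg

apt update
apt install -y curl gpg software-properties-common apt-transport-https ca-certificates

# LTB project key: download to a temp file first so it can be inspected before
# apt is told to trust it. -f makes curl fail on an HTTP error instead of
# handing an error page to gpg.
ltb_key=$(mktemp)
curl -fsSL https://ltb-project.org/documentation/_static/RPM-GPG-KEY-LTB-project -o "$ltb_key"
# Compare the fingerprint printed here with the one LTB publishes before
# continuing.
gpg --show-keys "$ltb_key"
gpg --dearmor < "$ltb_key" | sudo tee /usr/share/keyrings/ltb-project.gpg >/dev/null
rm -f -- "$ltb_key"

# One keyring and one list entry for the LTB repository: apt refuses a source
# that is listed twice with different signed-by values.
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/ltb-project.gpg] https://ltb-project.org/debian/stable stable main" | sudo tee /etc/apt/sources.list.d/ltb.list

# sury.org PHP key: kept in its own keyring and bound to its repository with
# signed-by. A key dropped into /etc/apt/trusted.gpg.d is accepted for every
# configured repository, which is broader trust than this key needs.
curl -fsSL https://packages.sury.org/php/apt.gpg | sudo tee /usr/share/keyrings/sury-php.gpg >/dev/null
echo "deb [signed-by=/usr/share/keyrings/sury-php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/sury-php.list

apt update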
```

```
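# Fetch the FusionDirectory package signing key by key ID.
gpg --keyserver keys.openpgp.org --recv-key 0xFE0FEAE5AC483A86
# Print the full fingerprint and compare it with the one FusionDirectory
# publishes; a 64-bit key ID alone is a weak identifier.
gpg --fingerprint 0xFE0FEAE5AC483A86
# apt-key is deprecated, so install the key as a file instead. Export by key ID
# rather than by user ID string, so that exactly the key fetched above is
# written out.
# NOTE: a key in /etc/apt/trusted.gpg.d is trusted for every configured
# repository. Where the source list can carry a signed-by option, prefer a
# keyring under /usr/share/keyrings referenced from that list.
gpg --export 0xFE0FEAE5AC483A86 | sudo tee /etc/apt/trusted.gpg.d/fusiondirectory.gpg >/dev/null
apt update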
```

```bash
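# Write the FusionDirectory source list. A quoted here-document keeps every
# line break: with backslash-newline inside a double-quoted echo the shell joins
# all lines into one, and because that line starts with '#', apt treats the
# whole file as a comment and no repository is configured.
# NOTE: the suite is hard-coded to bullseye; confirm it matches the release
# actually installed.
sudo tee /etc/apt/sources.list.d/fd.list <<'EOF'
#fusiondirectory integrator
deb https://public.fusiondirectory.org/debian/fusiondirectory-integrator/ bullseye main
#fusiondirectory utilities
deb https://public.fusiondirectory.org/debian/fusiondirectory-utilities/ bullseye main
#fusiondirectory tools
deb https://public.fusiondirectory.org/debian/fusiondirectory-tools/ bullseye main
#fusiondirectory libraries
deb https://public.fusiondirectory.org/debian/fusiondirectory-external-libraries/ bullseye main
#fusiondirectory repository
deb https://public.fusiondirectory.org/debian/bullseye-fusiondirectory-release/ bullseye main
EOF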
```

```
# PHP packages for FusionDirectory. PHP 7.4 is end-of-life upstream, so plan
# its replacement; the two php8.4-* packages are installed alongside it.
apt install --yes \
  php7.4-common \
  php7.4-ldap \
  php7.4-xml \
  php-cas \
  php7.4-gd \
  php7.4-curl \
  php-fpdf \
  php7.4-imagick \
  php7.4-imap \
  php7.4-mbstring \
  php-gettext-languages \
  php8.4-ldap \
  php8.4-xml
```

```bash
# Install the OpenLDAP server, then re-run the package's configuration prompts.
apt install --yes slapd
dpkg-reconfigure slapd
```

```
# FusionDirectory, its mail and dsa plugins, and the PHP modules it needs.
apt-get install -y \
  fusiondirectory \
  fusiondirectory-schema \
  fusiondirectory-plugin-mail-schema \
  fusiondirectory-plugin-mail \
  php-ldap \
  php-mbstring \
  php-xml \
  php-curl \
  php-json \
  fusiondirectory-plugin-dsa \
  fusiondirectory-plugin-dsa-schema

# Insert each schema file with fusiondirectory-schema-manager, in the same
# order as the original one-command-per-line listing.
for schema in core-fd core-fd-conf ldapns template-fd mail-fd mail-fd-conf dsa-fd-conf; do
  fusiondirectory-schema-manager --insert-schema "/etc/ldap/schema/fusiondirectory/${schema}.schema"
done

# Restart the web server and the directory server.
systemctl restart apache2 slapd
```

```
# Self Service Password; presumably served by the LTB repository configured
# earlier on this page - verify with `apt policy self-service-password`.
apt install --yes self-service-password
```

```bash
# Serve FusionDirectory through Apache's PHP 7.4 module.
apt install --yes libapache2-mod-php7.4
a2enmod php7.4

# Disable the other PHP modules so that only one handles requests.
for other_php in php8.3 php7.3; do
  a2dismod "$other_php"
done

systemctl restart apache2
```

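Go to [http://SERVER-IP/fusiondirectory](http://SERVER-IP/fusiondirectory). This URL is plain HTTP, so the LDAP admin credentials entered during setup cross the network unencrypted; enable TLS on Apache before using it outside a trusted network.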

Do your configuration there. These issue threads can be useful:  
[https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/4761](https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/4761)  
[https://github.com/ltb-project/self-service-password/issues/243](https://github.com/ltb-project/self-service-password/issues/243)

STILL TODO :  
finish this [https://self-service-password.readthedocs.io/en/stable/index.html](https://self-service-password.readthedocs.io/en/stable/index.html)

\--------------------------------------------

openldap/slapd part :

```bash
# Base tooling first, then the OpenLDAP server itself.
apt update
apt install --yes \
  curl \
  gpg \
  software-properties-common \
  apt-transport-https \
  ca-certificates
apt update
apt install --yes slapd
# Re-run slapd's configuration prompts.
sudo dpkg-reconfigure slapd
```

\--------------------------------------------

php part

```bash
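# sury.org PHP repository. The key goes into its own keyring and is bound to
# this one repository with signed-by; a key placed in /etc/apt/trusted.gpg.d
# is accepted for every configured repository.
wget -qO - https://packages.sury.org/php/apt.gpg | sudo tee /usr/share/keyrings/sury-php.gpg >/dev/null
# Drop the globally trusted copy if an earlier run installed one.
sudo rm -f -- /etc/apt/trusted.gpg.d/sury-php.gpg
# Before relying on the key, inspect it (for example with
# `gpg --show-keys /usr/share/keyrings/sury-php.gpg`) and compare the
# fingerprint with the one the repository owner publishes.
echo "deb [signed-by=/usr/share/keyrings/sury-php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/sury-php.list
apt update
# PHP 7.4 is end-of-life upstream; the php8.4-* packages are installed
# alongside it.
apt install -y php7.4-common php7.4-ldap php7.4-xml php-cas php7.4-gd php7.4-curl \
  php-fpdf php7.4-imagick php7.4-imap php7.4-mbstring php-gettext-languages php8.4-ldap php8.4-xml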
```

\----------------------------------------

fusion directory

```bash
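# Fetch the FusionDirectory package signing key by key ID.
gpg --keyserver keys.openpgp.org --recv-key 0xFE0FEAE5AC483A86
# Print the full fingerprint and compare it with the one FusionDirectory
# publishes; a 64-bit key ID alone is a weak identifier.
gpg --fingerprint 0xFE0FEAE5AC483A86
# apt-key is deprecated and trusts the key for every repository. Export the key
# (by ID, so exactly the key fetched above is written) into a dedicated keyring
# and bind it to the FusionDirectory sources with signed-by.
gpg --export 0xFE0FEAE5AC483A86 | sudo tee /usr/share/keyrings/fusiondirectory-archive-keyring.gpg >/dev/null

# NOTE: the suite is hard-coded to bullseye; confirm it matches the release
# actually installed.
sudo tee /etc/apt/sources.list.d/fd.list <<'EOF'
#fusiondirectory integrator
deb [signed-by=/usr/share/keyrings/fusiondirectory-archive-keyring.gpg] https://public.fusiondirectory.org/debian/fusiondirectory-integrator/ bullseye main
#fusiondirectory utilities
deb [signed-by=/usr/share/keyrings/fusiondirectory-archive-keyring.gpg] https://public.fusiondirectory.org/debian/fusiondirectory-utilities/ bullseye main
#fusiondirectory tools
deb [signed-by=/usr/share/keyrings/fusiondirectory-archive-keyring.gpg] https://public.fusiondirectory.org/debian/fusiondirectory-tools/ bullseye main
#fusiondirectory libraries
deb [signed-by=/usr/share/keyrings/fusiondirectory-archive-keyring.gpg] https://public.fusiondirectory.org/debian/fusiondirectory-external-libraries/ bullseye main
#fusiondirectory repository
deb [signed-by=/usr/share/keyrings/fusiondirectory-archive-keyring.gpg] https://public.fusiondirectory.org/debian/bullseye-fusiondirectory-release/ bullseye main
EOF

apt update

# FusionDirectory, its mail and dsa plugins, and the PHP modules it needs.
apt-get install -y fusiondirectory fusiondirectory-schema fusiondirectory-plugin-mail-schema fusiondirectory-plugin-mail php-ldap php-mbstring php-xml php-curl php-json fusiondirectory-plugin-dsa fusiondirectory-plugin-dsa-schema

# Insert each schema file with fusiondirectory-schema-manager, in the original
# order.
for schema in core-fd core-fd-conf ldapns template-fd mail-fd mail-fd-conf dsa-fd-conf; do
  fusiondirectory-schema-manager --insert-schema "/etc/ldap/schema/fusiondirectory/${schema}.schema"
done

systemctl restart apache2 slapd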
```

```bash
# Serve FusionDirectory through Apache's PHP 7.4 module and switch off the
# PHP 8.3 module so that only one handles requests.
apt install --yes libapache2-mod-php7.4
a2enmod php7.4
a2dismod php8.3

# Apply the module change.
systemctl restart apache2
```

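Go to [http://SERVER-IP/fusiondirectory](http://SERVER-IP/fusiondirectory). The link is plain HTTP, so put TLS in front of Apache before entering LDAP admin credentials over an untrusted network.

Do your configuration there.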

can be useful :  
[https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/4761](https://gitlab.fusiondirectory.org/fusiondirectory/fd/-/issues/4761)  
[https://github.com/ltb-project/self-service-password/issues/243](https://github.com/ltb-project/self-service-password/issues/243)

# New Page

 1 vim .ssh/authorized\_keys  
 2 sudo su -  
 3 su -  
 4 sudo chown arthur\_wambst .ssh/  
 5 exit  
 6 sudo chown arthur\_wambst .ssh/  
 7 vim .ssh/authorized\_keys  
 8 exit  
 9 sudo systemctl restart sshd  
 10 exit  
 11 apt update  
 12 apt install -y curl gpg  
 13 curl https://ltb-project.org/documentation/\_static/RPM-GPG-KEY-LTB-project | gpg --dearmor &gt; /usr/share/keyrings/ltb-project-openldap-archive-keyring.gpg  
 14 wget -O - https://ltb-project.org/documentation/\_static/RPM-GPG-KEY-LTB-project | gpg --dearmor | sudo tee /usr/share/keyrings/ltb-  
 15 echo "deb \[signed-by=/usr/share/keyrings/php.gpg\] https://packages.sury.org/php/ $(lsb\_release -sc) main" | sudo tee /etc/apt/sources.list.d/php.list  
 16 echo "deb \[arch=amd64 signed-by=/usr/share/keyrings/ltb-project-openldap-archive-keyring.gpg\] https://ltb-project.org/debian/openldap26/bookworm bookworm main" | sudo tee /etc/apt/sources.list.d/ltb.list  
 17 echo "deb \[arch=amd64 signed-by=/usr/share/keyrings/ltb-project.gpg\] https://ltb-project.org/debian/stable stable main" | sudo tee /etc/apt/sources.list.d/ltb2.list  
 18 project.gpg &gt;/dev/null  
 19 apt install -y software-properties-common apt-transport-https ca-certificateswget -q https://packages.sury.org/php/apt.gpg -O- | sudo gpg --dearmor -o /usr/share/keyrings/php.gpg  
 20 apt update  
 21 apt install -y openldap-ltb openldap-ltb-contrib-overlays openldap-ltb-mdb-utils self-service-password  
 22 su -  
 23 exit  
 24 su -  
 25 exit  
 26 su -  
 27 exit  
 28 su -  
 29 exit  
 30 slapcat -n 0 | grep olcModuleLoad  
 31 sudo slapcat -n 0 | grep olcModuleLoad  
 32 ldapmodify -Q -Y EXTERNAL -H ldapi:///  
 33 dn: cn=module{0},cn=config  
 34 changetype: modify  
 35 add: olcModuleLoad  
 36 olcModuleLoad: memberof.la  
 37 ldapmodify -Q -Y EXTERNAL -H ldapi:///  
 38 sudo ldapmodify -Q -Y EXTERNAL -H ldapi:///  
 39 ldapadd -Y EXTERNAL -Q -H ldapi:///  
 40 dn: cn=module,cn=config  
 41 cn: module  
 42 objectClass: olcModuleList  
 43 olcModulePath: /usr/bin/ldap  
 44 olcModuleLoad: memberof.la  
 45 ldapadd  
 46 ldapadd -Y EXTERNAL -Q -H ldapi:///  
 47 dn: cn=module,cn=config  
 48 cn: module  
 49 objectClass: olcModuleList  
 50 olcModulePath: /usr/lin  
 51 olcModuleLoad: memberof.la  
 52 sudo ldapadd -h  
 53 sudo ldapadd -U admin -W  
 54 sudo ldapadd -x -W  
 55 sudo ldapadd -x  
 56 sudo ldapadd -h  
 57 ldapadd -x -D "cn=admin,dc=example,dc=com" -W -H ldap://localhost  
 58 dn: cn=module,cn=config  
 59 cn: module  
 60 objectClass: olcModuleList  
 61 olcModulePath: /usr/lib/ldap  
 62 olcModuleLoad: memberof.la  
 63 ldapadd -x -D "cn=admin,dc=example,dc=com" -W -H ldap://localhost  
 64 ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost  
 65 sudo ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost  
 66 sudo ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhostdn: cn=module,cn=config  
 67 cn: module  
 68 objectClass: olcModuleList  
 69 olcModulePath: /usr/lib/ldap  
 70 olcModuleLoad: memberof.la  
 71 sudo ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost  
 72 dn: cn=module,cn=config  
 73 cn: module  
 74 objectClass: olcModuleList  
 75 olcModulePath: /opt/openldap-current/libexec/openldap  
 76 olcModuleLoad: memberof.la  
 77 sudo slapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost  
 78 sudo slapadd -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost  
 79 sudo slapadd -n "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost  
 80 sudo slapadd -n "cn=admin,dc=wambst,dc=com" -w -H ldap://localhost  
 81 sudo slapadd -n "cn=admin,dc=wambst,dc=com" -w  
 82 sudo slapadd  
 83 sudo systemctl sla  
 84 sudo systemctl slapd  
 85 sudo systemctl status slapd  
 86 sudo slapd -h  
 87 sudo slapadd  
 88 sudo slapd  
 89 ls  
 90 ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost &lt;&lt;EOF  
dn: cn=module,cn=config  
objectClass: olcModuleList  
cn: module  
olcModulePath: /usr/lib/ldap  
olcModuleLoad: memberof.la  
EOF

 91 ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost &lt;&lt;EOF  
dn: cn=module{0},cn=config  
objectClass: olcModuleList  
cn: module  
olcModulePath: /usr/lib/ldap  
olcModuleLoad: memberof.la  
EOF

 92 sudoldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost &lt;&lt;EOF  
dn: cn=module{0},cn=config  
objectClass: olcModuleList  
cn: module  
olcModulePath: /usr/lib/ldap  
olcModuleLoad: memberof.la  
EOF

 93 sudo ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost &lt;&lt;EOF  
dn: cn=module{0},cn=config  
objectClass: olcModuleList  
cn: module  
olcModulePath: /usr/lib/ldap  
olcModuleLoad: memberof.la  
EOF

 94 sudo ldapadd -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost &lt;&lt;EOF  
dn: cn=module{0},cn=config  
objectClass: olcModuleList  
cn: module{0}  
olcModulePath: /usr/lib/ldap  
olcModuleLoad: memberof.la  
EOF

 95 vim config\_acl.ldif  
 96 ldapmodify -Y EXTERNAL -H ldapi:/// -f config-acl.ldif  
 97 ldapmodify -Y EXTERNAL -H ldapi:/// -f ./config-acl.ldif  
 98 ldapmodify -Y EXTERNAL -H ldapi:/// -f ./config\_acl.ldif  
 99 ldapmodify -x -D "cn=admin,dc=wambst,dc=com" -W -H ldap://localhost -f ./config\_acl.ldif  
 100 ldapadd -x -D "cn=admin,cn=config" -W -H ldap://localhost &lt;&lt;EOF  
dn: cn=module,cn=config  
objectClass: olcModuleList  
cn: module  
olcModulePath: /usr/lib/ldap  
olcModuleLoad: memberof.la  
EOF

 101 cat /etc/ldap/ldap.conf  
 102 cat /etc/ldap/slapd.d/cn\\=config.ldif  
 103 sudo cat /etc/ldap/slapd.d/cn\\=config.ldif  
 104 sudo cat /etc/ldap/slapd.d/cn\\=config/  
 105 ls /etc/ldap/slapd.d/cn\\=config/  
 106 sudo ls /etc/ldap/slapd.d/cn\\=config/  
 107 cat /usr/local/openldap/etc/openldap/slapd.conf  
 108 sudo cat /usr/local/openldap/etc/openldap/slapd.conf  
 109 sudo cat /usr/local/openldap/etc/openldap/ldap.conf  
 110 sudo cat /usr/local/openldap/etc/openldap/slapd-cli.conf  
 111 sudo cat /usr/local/openldap/etc/openldap/slapd.d/  
 112 sudo ls /usr/local/openldap/etc/openldap/slapd.d/  
 113 ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b "cn=config" "(olcRootPW=\*)" olcRootPW  
 114 sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b "cn=config" "(olcRootPW=\*)" olcRootPW  
 115 ldapadd -Y EXTERNAL -H ldapi:/// &lt;&lt;EOF  
dn: cn=module,cn=config  
objectClass: olcModuleList  
cn: module  
olcModulePath: /usr/lib/ldap  
olcModuleLoad: memberof.la  
EOF

 116 sudo ldapadd -Y EXTERNAL -H ldapi:/// &lt;&lt;EOF  
dn: cn=module,cn=config  
objectClass: olcModuleList  
cn: module  
olcModulePath: /usr/lib/ldap  
olcModuleLoad: memberof.la  
EOF

 117 sudo ldapadd -Y EXTERNAL -H ldapi:/// &lt;&lt;EOF  
dn: olcOverlay={0}memberof,olcDatabase={1}mdb,cn=config  
objectClass: olcOverlayConfig  
objectClass: top  
olcOverlay: memberof  
olcMemberOfGroupOC: groupOfNames  
olcMemberOfMemberAD: member  
olcMemberOfMemberOfAD: memberOf  
EOF

 118 sudo ldapadd -Y EXTERNAL -H ldapi:///  
 119 dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config  
 120 objectClass: olcOverlayConfig  
 121 objectClass: olcMemberOf  
 122 olcOverlay: memberof  
 123 olcMemberOfRefint: TRUE  
 124 ldapadd -Y EXTERNAL -H ldapi:/// &lt;&lt;EOF  
dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config  
objectClass: olcOverlayConfig  
objectClass: olcMemberOf  
olcOverlay: memberof  
olcMemberOfRefint: TRUE  
EOF

 125 ldapadd -Y EXTERNAL -H ldapi:/// &lt;&lt;EOF  
dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config  
objectClass: olcOverlayConfig  
objectClass: olcMemberOf  
olcOverlay: memberof  
olcMemberOfRefint: TRUE

EOF

 126 sudo ldapadd -Y EXTERNAL -H ldapi:/// &lt;&lt;EOF  
dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config  
objectClass: olcOverlayConfig  
objectClass: olcMemberOf  
olcOverlay: memberof  
olcMemberOfRefint: TRUE

EOF

 127 ldapsearch -x -LLL -b "ou=users,dc=wambst,dc=com" "(uid=test\_user)" memberOf  
 128 sudo ldapsearch -x -LLL -b "ou=users,dc=wambst,dc=com" "(uid=test\_user)" memberOf  
 129 sudo ldapsearch -x -LLL -b "ou=users,dc=wambst,dc=com" "(uid=test\_user)" memberOfds  
 130 sudo ldapsearch -x -LLL -b "ou=users,dc=wambst,dc=com" "(uid=test\_user)" memberOf  
 131 sudo ldapsearch -x -LLL -b "ou=users,dc=wambst,dc=com" "(uid=arthur.wambst)" memberOf  
 132 history