Mac OS X, Mac OS X Server, Mac Security

Starting OpenLDAP on Mac OS X Client

OpenLDAP is installed by default on every copy of Mac OS X. On Mac OS X Server it's easiest to get LDAP up and running, since you have a handy graphical means of manipulating LDAP in the Open Directory features of Server Admin and Workgroup Manager. But what about Mac OS X Client? It may be easier than you think…

To set up OpenLDAP on Mac OS X, we'll do three quick tasks: set a password, put the password hash into the configuration file, and start the daemon. To create that password, we're going to use slappasswd. Run the command and enter the password twice to get a hash that represents your password:

Krypted:~ cedge$ slappasswd
New password:
Re-enter new password:
{SSHA}GxYuEziafPAUJNwP17BRTAlubfPKDRUG

Copy that output to your clipboard. Now cd into the /etc/openldap directory. From there, cp the slapd.conf.default file to slapd.conf:

cp slapd.conf.default slapd.conf

Then edit the file. Scroll down to the bottom, where you'll see the three things we're going to change (you can change more if you want, but you really only HAVE to change the first). The first is the password: the line that begins with rootpw. Delete secret from that line and paste in the {SSHA} hash you created with slappasswd previously. The second and third are the suffix and rootdn lines. Here, change company to whatever domain you would like to use, and in the rootdn line change cn=Manager so that Manager becomes, well, something else (or leave that part). Save your changes to the file.

Now you’re ready to start up the daemon:

slapd -d 255

Port scan yourself. If port 389 is open, you are now an OpenLDAP server! Happy LDAPing (with or without slapconfig).
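The same three edits scripted, as an added example rather than code from the original post: it rewrites rootpw, suffix and rootdn in a copy of slapd.conf.default, refuses to proceed if rootpw is still cleartext, and ends with the post's port check. The hash, suffix and rootdn values passed in are hypothetical, and the slapd.conf.default tail is a constructed stand-in.

```shell
#!/bin/sh
# Added example (not from the original post). Scripts the rootpw/suffix/rootdn
# edits the post makes by hand, then checks the result before slapd is started.

# Constructed stand-in for the tail of /etc/openldap/slapd.conf.default,
# with the placeholder domain and rootpw the post describes.
DEFAULT_CONF='database        bdb
suffix          "dc=company,dc=com"
rootdn          "cn=Manager,dc=company,dc=com"
rootpw          secret
directory       /var/db/openldap/openldap-data'

# rewrite_slapd_conf HASH SUFFIX ROOTDN  < slapd.conf.default  > slapd.conf
# Replaces only the three directives; every other line is passed through.
# awk -v is used because an {SSHA} hash can contain / and +, which would
# need escaping inside a sed s/// expression.
rewrite_slapd_conf() {
  awk -v hash="$1" -v suffix="$2" -v rootdn="$3" '
    /^rootpw[[:blank:]]/ { print "rootpw\t\t" hash; next }
    /^suffix[[:blank:]]/ { print "suffix\t\t\"" suffix "\""; next }
    /^rootdn[[:blank:]]/ { print "rootdn\t\t\"" rootdn "\""; next }
    { print }'
}

# check_slapd_conf < slapd.conf
# Succeeds only if rootpw appears exactly once and is an {SSHA} hash, i.e.
# the default "secret" is gone and no cleartext password was pasted in.
check_slapd_conf() {
  conf=$(cat)
  n=$(printf '%s\n' "$conf" | grep -c '^rootpw[[:blank:]]') || true
  [ "$n" -eq 1 ] || return 1
  printf '%s\n' "$conf" | grep -q '^rootpw[[:blank:]][[:blank:]]*{SSHA}[A-Za-z0-9+/=][A-Za-z0-9+/=]*$'
}

# slapd_listening: the post's "port scan yourself" step, using nc.
slapd_listening() {
  nc -z 127.0.0.1 389 >/dev/null 2>&1
}

# Usage on a real machine (the hash comes from slappasswd, as in the post):
#   cd /etc/openldap
#   HASH=$(slappasswd -s 'your-password')
#   rewrite_slapd_conf "$HASH" 'dc=example,dc=com' 'cn=Manager,dc=example,dc=com' \
#       < slapd.conf.default > slapd.conf
#   check_slapd_conf < slapd.conf && slapd -d 255
```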