Core information, such as usernames and passwords, are stored in LDAP. The Domain LDAP Webconfig page is where you can view and manage LDAP server settings.
LDAP is a protocol for accessing user, group and other key information from a directory. Because of its close association with that directory, the directory is sometimes called an LDAP Directory.
ClearOS uses OpenLDAP as its LDAP Directory Server and the LDAP protocol for accessing and authenticating usernames and passwords. All user information on ClearOS is stored in this directory.
If you install a module that depends on users/groups, this feature will automatically be installed as well.
You can find this feature in the menu system at the following location:
The following settings can be configured in Webconfig:
- The Domain Name should be set to your primary Internet domain, for example example.com
- The Publish Policy is useful if you need to access the LDAP directory from an external system
This Webconfig page also lists the LDAP bind information which is useful if you need to connect with other custom services or with and LDAP directory browser.
Webconfig uses the LDAP Directory transparently for many functions. For the most part, adding users, creating groups, setting passwords or changing information about the server will modify the directory in all the ways you need it to without needing to manually enter records.
For these examples we will use the following data:
- Hostname: localhost
- Base DN: dc=clearos,dc=lan
- Bind DN: cn=manager,cn=internal,dc=clearos,dc=lan
- Bind Password: gbGKD86gEWXLYNRm
A simple search will reveal our entire LDAP directory.
ldapsearch -h localhost -b "dc=clearos,dc=lan" \ -D "cn=manager,cn=internal,dc=clearos,dc=lan" \ -s sub "objectclass=*" -x -w gbGKD86gEWXLYNRm
You can also limit the results to include only specific information. For example, the following show all the groups on the system:
ldapsearch -h localhost -b "dc=clearos,dc=lan" \ -D "cn=manager,cn=internal,dc=clearos,dc=lan" \ -s sub "objectclass=GroupOfNames" -x -w gbGKD86gEWXLYNRm