LDAP (Lightweight Directory Access Protocol) provides centralized authentication and authorization. Instead of managing user accounts on every server individually, users authenticate against a central LDAP directory. This guide covers setting up OpenLDAP on your VPS.
When to Use LDAP
- Managing more than 5 servers with shared user accounts
- Need centralized password policies and account management
- Applications that support LDAP authentication (GitLab, Grafana, etc.)
- Compliance requirements for centralized access control
Installing OpenLDAP Server
# Install OpenLDAP on Ubuntu/Debian
sudo apt install slapd ldap-utils
# Reconfigure with your domain
sudo dpkg-reconfigure slapd
# DNS domain name: example.com
# Organization name: Example Inc
# Administrator password: (set a strong password)
# Database backend: MDB
# Remove database on purge: No
# Move old database: Yes
Basic LDAP Structure
# LDAP uses a hierarchical tree structure:
# dc=example,dc=com
#   ou=People (user accounts)
#     uid=jsmith
#     uid=jdoe
#   ou=Groups (groups)
#     cn=developers
#     cn=sysadmins
# Create the organizational units
cat > base.ldif user.ldif tls.ldif
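One way to generate base.ldif for the two organizational units in the tree above. This is an added example, not part of the original guide; the function names are hypothetical, and cn=admin under the base DN is assumed to be the administrator entry created by the dpkg-reconfigure step.

```shell
#!/bin/sh
# Added example: build base.ldif for ou=People and ou=Groups.

# Convert a DNS domain (example.com) into an LDAP base DN (dc=example,dc=com).
# Only letters, digits, '-' and '.' are accepted, so a stray ',' or '=' in the
# input cannot add extra components to the DN.
domain_to_dn() {
    case "$1" in
        ''|*[!A-Za-z0-9.-]*|.*|*.|*..*) return 1 ;;
    esac
    printf 'dc=%s\n' "$1" | sed 's/\./,dc=/g'
}

# Print one organizationalUnit entry per OU, separated by blank lines as
# LDIF requires between entries.
make_base_ldif() {
    base=$(domain_to_dn "$1") || { echo "invalid domain: $1" >&2; return 1; }
    for ou in People Groups; do
        printf 'dn: ou=%s,%s\n' "$ou" "$base"
        printf 'objectClass: organizationalUnit\n'
        printf 'ou: %s\n\n' "$ou"
    done
}

# Usage (example.com is the sample domain from the dpkg-reconfigure step):
#   make_base_ldif example.com > base.ldif
#   ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f base.ldif
# The bind DN is an assumption: cn=admin under the base DN.
```

The `-x` option performs a simple bind, which sends the administrator password to the server as-is. Run the import on the LDAP server itself, or require StartTLS with `-ZZ` once TLS is configured.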