Skip to content

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.
  • Labs icon Lab
  • A Cloud Guru
Google Cloud Platform icon

Migrating Linux Users to an LDAP Directory

In this lab, we go through the process of adding a Linux user and then using a migrate utility to create an LDIF file that facilitates the use of the `ldapadd` command to add the user to an LDAP directory.

Google Cloud Platform icon

Path Info

Clock icon Beginner
Clock icon 4h 0m
Clock icon Jul 23, 2020

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

Table of Contents

  1. Challenge

    Connect to the LDAP Server and the Linux Server

    Connect to each server:

    ssh cloud_user@<PUBLIC_IP_OF_SERVER>

    Provide the appropriate password from the lab interface.

  2. Challenge

    Verify the Installation of LDAP on the LDAP Server

    On the LDAP Server

    1. Check the version of LDAP that has been staged:

      slapd -VV
    2. Verify the slapd daemon is running and active:

      sudo systemctl status slapd
    3. Provide the cloud_user password for the LDAP server.

    4. Search the existing LDAP database:

      ldapsearch -x -LLL -b dc=example,dc=com
  3. Challenge

    Set the Password for the LDAP Server

    On the LDAP Server

    1. Generate an encrypted password:

    2. Copy the output from that command into the clipboard and save it.

    3. Use a Linux text editor to add the encrypted password to the slapd configuration file:

      sudo vi /etc/openldap/slapd.d/cn=config/olcDatabase=\{2\}hdb.ldif
    4. Change the line that starts with olcRootPW, replacing the existing string after the colon with the encrypted password you just copied.

    5. After saving the configuration file, restart the service:

      sudo systemctl restart slapd
  4. Challenge

    Add a Linux User and Migrate the User to LDAP

    On the LDAP Server

    1. Add a Linux user:

      sudo useradd <ANY_USER>
      sudo passwd <ANY_USER>
    2. Respond with a password.

    3. Grab the user and group lines from /etc/passwd and /etc/group, and output them to text files:

      grep <ANY_USER> /etc/passwd > ./passwd.txt
      grep <ANY_USER> /etc/group > ./group.txt
    4. Use the migration utility to convert the Linux text into ldif format:

      /usr/share/migrationtools/ ./passwd.txt ./passwd.ldif
      /usr/share/migrationtools/ ./group.txt ./group.ldif
    5. Look at the files you have created:

      cat ./passwd.ldif
      cat ./group.ldif
    6. Add the ldif data to the directory:

      ldapadd -x -W -D "cn=Manager,dc=example,dc=com" -f ./passwd.ldif
      ldapadd -x -W -D "cn=Manager,dc=example,dc=com" -f ./group.ldif
    7. Search the directory to determine the contents:

      ldapsearch -x cn=<ANY_USER> -b dc=example,dc=com
  5. Challenge

    Verify the User You Added Is Available from the LDAP Client

    From the server configured as an LDAP client:

    id <ANY_USER>

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.

Start learning by doing today

View Plans