How to Install phpLDAPadmin on CentOS 7

Introduction

This is a web-based LDAP client which is written with PHP programming language. Since it runs on the web, it has the ability to run on almost all GUI server platforms.

Some of the features offered by LDAP include:

  • LDAP Tree browsing
  • Entry management  (move between servers, delete, copy and edit)
  • Image view and editing
  • Simple and advances searching
  • User authentication credentials management (supports hashing algorithms such as SHA)

Before You Start

Special Note: If you decide to follow these tutorials, you should already have installed PHP too.

Steps

Update system packages

$ sudo yum update && sudo yum upgrade

Install extra PHP packages

You need to install php-ldap and a few other php packages needed to run phpLDAPadmin.

$ sudo yum install php-ldap php-mbstring php-pear php-xml

The Extra Packages for Enterprise Linux (EPEL) release updates have to be installed because phpLDAPadmin is not available in the main repository.

$ sudo yum install epel-release

Start LDAP services

The ldap services need to be started and also be enabled to start automatically on boot up.

$ sudo systemctl start sldap && sudo systemctl enable sldap

Install the phpLDAPadmin

$ sudo yum -y install phpldapadmin

Configure the phpLDAPadmin Virtual Host

Modify your configuration file located at /etc/httpd/conf.d/phpldapadmin.conf to look like the one below:

Alias /phpldapadmin /usr/share/phpldapadmin/htdocs
Alias /ldapadmin /usr/share/phpldapadmin/htdocs

<Directory /usr/share/phpldapadmin/htdocs>
  <IfModule mod_authz_core.c>
    # Apache 2.4
    Requireall granted
  </IfModule>
  <IfModule !mod_authz_core.c>
    # Apache 2.2
    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1
    Allow from ::1
  </IfModule>
</Directory>

Configure the phpLDAPadmin

Open the configuration file with your favourite editor.

$ sudo vim /etc/phpldapadmin/config.php

The following changes are to be made in the php code:

Create a name for your LDAP server that will appear for users on the admin dashboard; this setting is located on line 291

$servers->setValue('server','name','Hostadvice LDAP Server');

To manage another LDAP server other than the localhost, you can uncomment and change the setting on line 298, entering the appropriate IP address:

$servers->setValue('server','host','127.0.0.1');

The default port for the LDAP server is left to 389 (non-standard port), you can change it by uncommenting line 301:

$servers->setValue('server','port',389);

Line 332 will define your domain details, change it appropriately.

$servers->setValue('login','bind_id','cn=ldapadm,dc=example,dc=hostadvice,dc=local');

Special Note: The LDAP DN are set when installing and configuring LDAP on your CentOS 7.

The password hashing algorithm set should be ssha. So change line 388 appropriately:

$servers->setValue('appearance','password_hash','ssha');

Line 397 should be uncommented to ensure the login credentials used are the domain name details and not the user identification (so comment out line 398)

$servers->setValue('login','attr','dn');
//$servers->setValue('login','attr','uid');

Save your changes and exit the editor.

If you are using php version 7.2, phpLDAPadmin has a lot of compatibility issues with it due to using deprecated functions. You can learn how to patch the bugs here.

After fixing the bugs, you can access your LDAP administration dashboard here:

http://(serverIP)/phpldapadmin. The landing page should look like the one below.


How to Install phpLDAPadmin on CentOS 7

You can go ahead and login by pressing the login button on the sidebar menu. The login DN details should be pre-populated if you correctly configured your phpldapadmin config file. You only need to enter the ldapadm password

How to Install phpLDAPadmin on CentOS 7


Conclusion

It is a safe practice to have SSL certificate installed on the server running phpLDAPadmin to ensure information is encrypted.

The phpLDAPadmin tool comes in handy for easy LDAP administration, especially for newbie system administrators although some configurations still have to be done on the command line, e. g. creating object classes.

Check out these top 3 Linux hosting services

Was this article helpful?