How to Configure OpenLDAP on Localhost with Correct Domain Naming for 127.0.1.1




When setting up OpenLDAP on localhost, the usual domain-derived naming convention (e.g., dc=example,dc=com) does not apply directly: 127.0.0.1 or localhost is not a registered DNS domain to split into dc= components. You still need a base DN that is a valid LDAP DN and follows the dc= convention, so an alternative naming scheme is required.


For local development, use one of these domain naming schemes:
1. Reverse DNS notation: dc=1,dc=0,dc=0,dc=127
2. Special TLD for testing: dc=localhost,dc=localdomain
3. IP-based: dc=127-0-0-1,dc=local
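To make the mapping between a name and a base DN concrete, here is a small added shell helper (example code, not part of the original article). It turns a hostname into dc= components, one per DNS label, flattens a dotted IPv4 address into the dc=127-0-0-1,dc=local form of scheme 3, and derives the matching rootdn and slapd.conf lines. The function names and the choice of dc=local as the parent of the IP form are this example's own.

```shell
#!/bin/sh
# Added example: derive an LDAP base DN (the slapd "suffix") from a hostname
# or an IPv4 address, plus the matching rootdn for an admin account.

# domain_to_dn NAME
#   "localhost.localdomain" -> dc=localhost,dc=localdomain  (one dc= per label)
#   "127.0.0.1"             -> dc=127-0-0-1,dc=local         (scheme 3 above)
domain_to_dn() {
    name=$1
    is_ip=no
    case $name in
        *[!0-9.]*) ;;          # letters or other characters present: a hostname
        *)                     # digits and dots only: an IPv4 address has exactly three dots
            dots=$(printf '%s' "$name" | sed 's/[^.]//g')
            if [ "${#dots}" -eq 3 ]; then is_ip=yes; fi ;;
    esac

    if [ "$is_ip" = yes ]; then
        # Dots become dashes so the whole address fits in a single dc= value.
        printf 'dc=%s,dc=local\n' "$(printf '%s' "$name" | sed 's/\./-/g')"
    else
        # Every "." separates two DNS labels, so it becomes ",dc=".
        printf 'dc=%s\n' "$(printf '%s' "$name" | sed 's/\./,dc=/g')"
    fi
}

# rootdn_for CN NAME: an admin DN directly under the suffix, which is where
# slapd needs the rootdn to be for rootpw simple binds to work.
rootdn_for() {
    printf 'cn=%s,%s\n' "$1" "$(domain_to_dn "$2")"
}

# slapd_naming_directives CN NAME: the two slapd.conf lines that depend on the
# chosen name, quoted the way slapd.conf expects.
slapd_naming_directives() {
    printf 'suffix "%s"\nrootdn "%s"\n' "$(domain_to_dn "$2")" "$(rootdn_for "$1" "$2")"
}

for n in localhost localhost.localdomain dev.local 127.0.0.1; do
    printf '%-22s -> %s\n' "$n" "$(domain_to_dn "$n")"
done
slapd_naming_directives admin localhost.localdomain
```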

Here's the recommended slapd.conf configuration:

database bdb
suffix "dc=localhost,dc=localdomain"
rootdn "cn=Manager,dc=localhost,dc=localdomain"
rootpw {SSHA}hashed_password_here
directory /var/lib/ldap

Here's a full working configuration for localhost:

include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema

pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args

database bdb
suffix "dc=localhost,dc=localdomain"
rootdn "cn=admin,dc=localhost,dc=localdomain"
rootpw {SSHA}XZYhashedpasswordhere123
directory /var/lib/ldap
index objectClass eq,pres
index uid,cn,sn,mail eq,pres,sub
index uidNumber,gidNumber eq

After configuration, test a bind as the admin DN and a search of the base with:

ldapsearch -x -b "dc=localhost,dc=localdomain" -D "cn=admin,dc=localhost,dc=localdomain" -w yourpassword

Note that -w puts the password on the command line, where it is visible in the process list and shell history; -W prompts for it instead.

If you prefer using the IP address directly (the rootpw below is a clear-text placeholder; use a slappasswd hash here too, as in the other examples):

database bdb
suffix "dc=127-0-0-1,dc=local"
rootdn "cn=admin,dc=127-0-0-1,dc=local"
rootpw yoursecurepassword
directory /usr/local/var/openldap-data

Common problems and what to check:
1. Connection errors: Ensure slapd is running (systemctl status slapd)
2. Authentication failures: Verify that the password passed to ldapsearch matches the rootpw in the config
3. Schema issues: Check that all required schema files are included
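The authentication problems in the list above can be caught before slapd is even started. The shell check below is an added example (not from the original article): it reads a slapd.conf fragment, confirms that the rootdn lies inside the suffix (slapd only honours rootpw simple binds for a rootdn within the database's naming context), and confirms that rootpw carries a slappasswd scheme tag such as {SSHA} rather than a clear-text password. Both configurations it inspects are constructed here, and the hash value is a placeholder.

```shell
#!/bin/sh
# Added example: lint a slapd.conf fragment for the two mistakes behind most
# "invalid credentials" results on a fresh localhost install.

# conf_value KEY CONFIG_TEXT: value of the first matching directive, with
# surrounding double quotes removed.
conf_value() {
    printf '%s\n' "$2" | awk -v key="$1" '
        $1 == key { sub(/^[^ \t]+[ \t]+/, ""); gsub(/"/, ""); print; exit }'
}

# lint_slapd_conf CONFIG_TEXT: print one FAIL line per finding and return 0
# only when nothing was found.
lint_slapd_conf() {
    conf=$1
    status=0
    # DNs compare case-insensitively, so normalise both before matching.
    suffix=$(conf_value suffix "$conf" | tr 'A-Z' 'a-z')
    rootdn=$(conf_value rootdn "$conf" | tr 'A-Z' 'a-z')
    rootpw=$(conf_value rootpw "$conf")

    if [ -z "$suffix" ] || [ -z "$rootdn" ]; then
        echo "FAIL: both 'suffix' and 'rootdn' must be set"
        status=1
    else
        # The rootdn must end in ",<suffix>" to sit inside this database.
        case $rootdn in
            *",$suffix") ;;
            *) echo "FAIL: rootdn '$rootdn' is outside suffix '$suffix'; rootpw binds will not work"
               status=1 ;;
        esac
    fi

    # slappasswd output starts with a scheme tag such as {SSHA}.
    case $rootpw in
        "") ;;                 # no rootpw at all: nothing to check here
        "{"*"}"*) ;;
        *) echo "FAIL: rootpw is stored in clear text; generate it with slappasswd"
           status=1 ;;
    esac
    return $status
}

# Constructed config that follows the article's recommendations.
GOOD_CONF='database bdb
suffix "dc=localhost,dc=localdomain"
rootdn "cn=admin,dc=localhost,dc=localdomain"
rootpw {SSHA}placeholder_hash_from_slappasswd
directory /var/lib/ldap'

# Constructed config with a rootdn under a different suffix and a clear-text rootpw.
BAD_CONF='database bdb
suffix "dc=127-0-0-1,dc=local"
rootdn "cn=admin,dc=dev,dc=local"
rootpw yoursecurepassword
directory /usr/local/var/openldap-data'

echo "== good config =="; lint_slapd_conf "$GOOD_CONF" && echo "OK"
echo "== bad config ==";  lint_slapd_conf "$BAD_CONF"  || echo "rejected"
```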

Remember to restart slapd after configuration changes:

sudo systemctl restart slapd

When setting up OpenLDAP on localhost, many developers get stuck at the domain configuration part. The documentation typically suggests using a format like dc=,dc=, but what do you use when working locally?

For local development, you can use either of these approaches:

# Option 1: Using localhost directly
suffix "dc=localhost"
rootdn "cn=Manager,dc=localhost"

# Option 2: Creating a development domain
suffix "dc=dev,dc=local"
rootdn "cn=admin,dc=dev,dc=local"

Here's a full configuration example for a local development setup:

database bdb
suffix "dc=dev,dc=local"
rootdn "cn=admin,dc=dev,dc=local"
rootpw {SSHA}hashed_password_here
directory /var/lib/ldap

# Indexes for better performance
index objectClass eq
index cn,uid eq
index uidNumber,gidNumber eq
index member,memberUid eq

After setting up, verify your LDAP server with these commands:

# Start the server in the foreground with debug level 1 (Ctrl-C stops it)
sudo slapd -d 1

# Test connection
ldapsearch -x -b "dc=dev,dc=local" -H ldap://localhost

Create an LDIF file to populate your directory:

dn: dc=dev,dc=local
objectClass: dcObject
objectClass: organization
dc: dev
o: Local Development

dn: cn=admin,dc=dev,dc=local
objectClass: organizationalRole
cn: admin

Then import it using:

ldapadd -x -D "cn=admin,dc=dev,dc=local" -W -f initial_data.ldif

Common pitfalls:
  • Permission issues with the data directory
  • Forgetting to hash the rootpw (use slappasswd)
  • Firewall blocking port 389
  • Missing schema definitions
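ldapadd rejects an entry whose RDN value is not also present as an attribute of the entry (a naming violation), which is why the dc: line of the base entry above must repeat the first dc= value of the suffix. As an added example (not from the original article), the helper below generates the base and admin entries from a suffix so the two cannot drift apart, and ldif_naming_ok runs that RDN check over any LDIF text before it is handed to ldapadd. The broken LDIF it rejects is constructed for the demonstration.

```shell
#!/bin/sh
# Added example: generate the initial LDIF for a suffix and check LDIF entries
# against the naming rule ldapadd enforces (the RDN value must appear in the entry).

# base_ldif SUFFIX ORG: the dcObject/organization entry for the suffix.  The
# dc: attribute is derived from the first RDN so it always matches the dn.
base_ldif() {
    suffix=$1
    rdn=${suffix%%,*}            # "dc=dev,dc=local" -> "dc=dev"
    attr=${rdn%%=*}              # "dc"
    value=${rdn#*=}              # "dev"
    if [ "$attr" != dc ]; then
        echo "base_ldif: suffix must start with a dc= component, got '$rdn'" >&2
        return 1
    fi
    printf 'dn: %s\nobjectClass: dcObject\nobjectClass: organization\ndc: %s\no: %s\n' \
        "$suffix" "$value" "$2"
}

# admin_ldif SUFFIX CN: the organizationalRole entry matching the rootdn.
admin_ldif() {
    printf 'dn: cn=%s,%s\nobjectClass: organizationalRole\ncn: %s\n' "$2" "$1" "$2"
}

# ldif_naming_ok LDIF_TEXT: for every entry, require an "attr: value" line equal
# to its RDN (compared case-insensitively).  Plain "attr: value" lines only;
# base64 ("::") values are not decoded.  Prints offenders, returns 1 if any fail.
ldif_naming_ok() {
    printf '%s\n' "$1" | awk '
        function flush() {
            if (dn != "" && !(rdn in seen)) {
                printf "naming violation: %s has no %s attribute\n", dn, rdn
                bad = 1
            }
            dn = ""; split("", seen)
        }
        BEGIN { bad = 0 }
        /^dn: / { flush(); dn = substr($0, 5); rdn = dn; sub(/,.*/, "", rdn); rdn = tolower(rdn) }
        dn != "" && /^[A-Za-z]+: / {
            a = $1; sub(/:$/, "", a)
            v = substr($0, length($1) + 2)
            seen[tolower(a "=" v)] = 1
        }
        /^$/ { flush() }
        END { flush(); exit bad }'
}

GOOD_LDIF="$(base_ldif dc=dev,dc=local 'Local Development')

$(admin_ldif dc=dev,dc=local admin)"

# Constructed broken LDIF: the dc: value does not repeat the RDN value "dev".
BROKEN_LDIF='dn: dc=dev,dc=local
objectClass: dcObject
objectClass: organization
dc: development
o: Local Development'

ldif_naming_ok "$GOOD_LDIF" && echo "generated LDIF passes the RDN check"
ldif_naming_ok "$BROKEN_LDIF" || echo "broken LDIF rejected as expected"
```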