How to populate an LDAP server with users and groups via phpLDAPadmin

If you're unsure how to add groups and users to LDAP, learn how simple the process is with the help of phpLDAPadmin.

Image: Jack Wallen

If you have an LDAP server, I bet you know how time consuming it can be to add users. If you have the time, you can always create a file, complete with all of your formatted LDAP entries, and import those in from the command line.

Some users prefer doing things the good old-fashioned graphical way, and that's where phpLDAPadmin comes in handy. With this web-based LDAP admin tool, you can more easily manage your LDAP server and populate it with users.

I'll walk you through the process of populating LDAP with the help of phpLDAPadmin on a Ubuntu 16.04 server running LDAP. I assume you have LDAP and phpLDAPadmin installed, and with all that out of the way, you can log into phpLDAP. But where do you go from there? Let me show you.

SEE: Storage in 2017: Big improvements are on the way (ZDNet)

Creating Organizational Units

LDAP breaks everything into very specific pieces, and we're going to focus on two of those pieces: people and groups. Because we're creating fairly generic Organizational Units (OUs), we'll use the Generic Organizational Unit Template. To get there, log into phpLDAPadmin, click to expand your server listing (in my example it's dc=monkeypantz,dc=net) and then click Create New Entry Here (Figure A).

Figure A

Figure A

Creating a new entry with phpLDAPadmin.

In the right pane (Figure B), select Generic: Organizational Unit.

Figure B

Figure B

Selecting from the many available objects on the LDAP server.

Let's first create an OU named "groups". In the next window type groups and click Create Object. Commit the group by clicking Commit in the next window (Figure C).

Figure C

Figure C

Committing your changes to LDAP.

You'll see a new entry in the left pane called ou=groups (Figure D).

Figure D

Figure D

Our new OU ready to be used.

Let's create a new OU named "users". Walk through the same process as above, though name the OU "users" instead of "groups". You'll see "ou=groups" and "ou=users" in the left pane.

Creating groups

Now that we have an OU created for groups, we can add the necessary groups. Let's create groups for "admin", "developers", and "users". Here's how.

  1. Click the groups OU in the left pane.
  2. In the resulting window, click Create Child Entry (Figure E).
  3. Click Generic: Posix Group.
  4. Type admin into the group text area.
  5. Click Create Object.
  6. Click Commit.
  7. Repeat the process for "developers" and "users".

Figure E

Figure E

Creating a new group under the groups OU.

Creating users

Now that we have our groups created, we want to create users. To do this, follow these steps.

  1. Click ou=users from the left pane.
  2. In the resulting window, click Create A Child Entry.
  3. Select Generic: User Account.
  4. Fill out the required information- note that Common Name must be unique (Figure F).
  5. Click Create Object.
  6. Click Commit.
  7. Repeat this process until you have added your necessary users added.

Figure F

Figure F

Creating a new user.

Adding users to groups

To add a user to a group, you must know the user's UID (named User ID in the user creation window). To find a UID go to ou=users | View X child (where X is the number of users) and then locate the user to be added and make note of their associated UID. Once you have that UID, let's add that user to the developers group. Here's how.

  1. Expand ou=groups.
  2. Click the developers group.
  3. Click Add New Attribute.
  4. From the drop-down, select memberUID.
  5. Enter the UID for the user in the memberUID section (Figure G).
  6. Click Update Object.

Figure G

Figure G

Adding a user to a group.

After you add the first user, adding subsequent users is much simpler. If you click the group name (under ou=groups in the left pane), you can click Modify Group Members (under memberUID) and then add the users from a list.

How easy was that?

Now you know how to create groups, create users, and add users to groups on your LDAP server...all with the help of a user-friendly web-based GUI. LDAP isn't nearly as difficult as many would assume. With the help of phpLDAPadmin, the task of administering that server has been made significantly easier.

Also see

By Jack Wallen

Jack Wallen is an award-winning writer for TechRepublic, The New Stack, and Linux New Media. He's covered a variety of topics for over twenty years and is an avid promoter of open source. For more news about Jack Wallen, visit his website jackwallen....