How Do You Install OpenLDAP on Debian Linux?

Problem scenario
You have a Debian Linux server. You want to install OpenLDAP on it. What do you do?

Solution
(These directions were tested to work on Debian 9 in Google Cloud Platform.)

1. Run this command:
sudo apt-get -y install slapd ldap-utils

2. Set a new password for the administrator.

3. Uncomment the "BASE" and "URI" stanzas in /etc/ldap/ldap.conf.

sudo vi /etc/ldap/ldap.conf # remove the leading hash "#" marks

4. While in this file, modify the newly uncommented BASE and URI stanzas. For BASE, the value should be one, two, three or possibly more comma-separated strings like this:

dc=value1,dc=value2,dc=value3

Use the hostname -f command on the server. Ignore the leftmost value. value1 will be the string after the leftmost period. value2 will be the string after the second period from the left. You may have one or five values. There is no terminating comma. If you want a Python script to tell you what to put, see "How do you write a Python script to find the ldap.conf's BASE stanza value?"

For URI, you may want to use an internal IP address of the server instead of an FQDN. Here is an example:

URI ldap://10.142.0.2 ldap://10.142.0.2:666

You can use an FQDN instead, or base the format on the example you see in the unmodified version of the file.

5.a. Run this command: sudo dpkg-reconfigure slapd

5.b. To the prompt about "Omit OpenLDAP server configuration?" choose "No".

5.c. To the prompt about a DNS domain name, enter whatever you think is best. If you are setting this up in Google Cloud Platform as a proof-of-concept, you may want to keep the default option and choose "Ok".

5.d. For the "Organization name" prompt you may enter your company name and choose "Ok".

5.e. For the "Database backend to use:" prompt choose MDB unless you know a different option would be best for your situation.

5.f. For the "Do you want the database to be removed when slapd is purged?" prompt, choose whichever you think is best. If you are setting this up as a proof-of-concept, choose "Yes".

5.g. For the "Move old database?" prompt, choose "Yes".

6. Test your setup by running this command:

ldapsearch -x

# You should see the word "Success" in the output.
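
Steps 3 and 4 can also be scripted. The following is an added example, not code from the original page or from the Python script it links to: fqdn_to_base applies the step 4 rule to an FQDN, and render_ldap_conf uncomments and sets the BASE and URI lines. The function names, the sample file text and the sample hostname are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: names and sample data below are constructed, not from the page.

# Print the BASE value for an FQDN: drop the leftmost label, then turn each
# remaining label into a dc= component. Fails if there is no domain part.
fqdn_to_base() {
    fqdn=${1%.}                          # tolerate one trailing root dot
    case $fqdn in
        .* | *..*) echo "empty label in '$1'" >&2; return 1 ;;
        *.*) ;;                          # at least one period: usable
        *) echo "'$1' has no domain part; check hostname -f" >&2; return 1 ;;
    esac
    domain=${fqdn#*.}                    # ignore the leftmost value
    printf 'dc=%s\n' "$(printf '%s' "$domain" | sed 's/\./,dc=/g')"
}

# Read ldap.conf text on stdin and write it to stdout with BASE and URI
# uncommented and set to $1 and $2. Lines are appended if the file has none.
render_ldap_conf() {
    awk -v base="$1" -v uri="$2" '
        /^#?[ \t]*BASE[ \t]/ { print "BASE " base; b = 1; next }
        /^#?[ \t]*URI[ \t]/  { print "URI " uri;   u = 1; next }
        { print }
        END { if (!b) print "BASE " base; if (!u) print "URI " uri }'
}

# Constructed sample input modelled on a commented-out ldap.conf.
SAMPLE_CONF='# LDAP Defaults
#BASE   dc=example,dc=com
#URI    ldap://ldap.example.com
TLS_CACERT /etc/ssl/certs/ca-certificates.crt'

# Demo on the constructed sample; ldap1.corp.example.com is a made-up FQDN.
# On a real server: render_ldap_conf "$(fqdn_to_base "$(hostname -f)")" \
#     "ldap://10.142.0.2" < /etc/ldap/ldap.conf > ldap.conf.new
demo_base=$(fqdn_to_base "ldap1.corp.example.com")
printf '%s\n' "$SAMPLE_CONF" | render_ldap_conf "$demo_base" "ldap://10.142.0.2"
```

Review the generated text before copying it over /etc/ldap/ldap.conf.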
