2. A Quick-Start Guide to Running slapd

This section provides a quick step-by-step guide to building, installing and running slapd. It is intended to provide users with a simple and quick way to get started only. If you intend to run slapd seriously, you should read the rest of this guide.
1. Get the software. Slapd is part of the LDAP distribution, which you can retrieve using this URL:


If you are reading this guide, you have probably already done this.

2. Untar the distribution. Pick a place for the LDAP source to live, cd there, and untar it. For example:

cd /usr/local/src
zcat ldap.tar.Z | tar xvf -

3. Configure the software. You will have to edit two files to configure things for your site.

vi Make-common
vi include/ldapconfig.h.edit

Read the comments in Make-common and configure things appropriately. If you have the Berkeley DB package installed, or the GDBM package, you should set the LDBMBACKEND variable accordingly. Otherwise, the defaults should be OK to get you started.

In the include/ldapconfig.h.edit file, be sure to set the DEFAULT_BASE and LDAPHOST variables to something appropriate for your site. Other than that, the defaults should work OK.

4. Make the software. From the top level LDAP source directory, type:


Examine the output of this command carefully to ensure everything is made properly. If this command fails, seek help.

5. Install the software. From the top level LDAP source directory, type:

make install

Examine the output of this command carefully to ensure everything is installed properly.

6. Make a configuration file. Create a file called myslapd.conf and enter the following lines into it. See Section 5 for more details on this file.

referral ldap://ldap.itd.umich.edu
database ldbm
suffix "o=<YOUR ORGANIZATION>, c=US"
rootpw secret

Be sure to replace "<YOUR ORGANIZATION>" with the name of your organization and "<YOUR NAME>" with your name. If you are not in the US, replace "US" with your two-letter country code. The rootdn and rootpw lines are only required if later you want to easily add or modify entries via LDAP.

7. Create a database. This is a two-step process. Step A is to create a file (we'll call it myldif) containing the entries you want your database to contain. Use the following example as a guide, or see Section 7.3 for more details.

objectclass: organization

objectclass: person

You can include additional entries and attributes in this file if you want, or add them later via LDAP.

Step B is to run this file through a tool to create the slapd database.

$(ETCDIR)/ldif2ldbm -f myslapd.conf -i myldif

Where myslapd.conf is the configuration file you made in step 6, and myldif is the file you made in step 7A above. By default, the database files will be created in /usr/tmp. You may specify an alternate directory via the directory option in the slapd.conf file.

8. Start slapd. Because slapd listens on a privileged TCP port number, you will need to be root to do this.

$(ETCDIR)/slapd -f myslapd.conf

9. See if it works. You can use any LDAP client to do this, but our example uses the ldapsearch tool.

ldapsearch -h 'objectclass=*'

This command will search for and retrieve every entry in the database. Note the use of single quotes around the filter, which prevents the "*" from being interpreted by the shell.

You are now ready to add more entries (e.g., using ldapadd(3) or another LDAP client), experiment with various configuration options, backend arrangements, etc. Note that by default, the slapd database grants READ access to everybody. So if you want to add or modify entries over LDAP, you will have to bind as the rootdn specified in the config file (see Section 5.2.2), or change the default access control (see Section 5.3).

The following sections provide more detailed information on making, installing, and running slapd.

[View Next Section] [View Previous Section] [Return to Table of Contents]

Send comments about this page to: ldap-support@umich.edu