Enable LDAP server in OSX

A quick step-by-step tutorial (and reminder for me) to enable and configure the built-in OpenLDAP server on Mac OS X Tiger, Leopard and Snow Leopard clients:

1. Generate a new LDAP password hash (it is used as the rootpw value in step 3):

$ slappasswd
New password: 
Re-enter new password: 

2. Create a new LDAP configuration from the default template:

$ cd /etc/openldap
$ sudo cp slapd.conf.default slapd.conf

3. Edit LDAP configuration:

$ sudo mcedit slapd.conf

Example values (use plain straight quotes in slapd.conf, not typographic ones):
suffix "dc=localhost,dc=com"
rootdn "cn=Manager,dc=localhost,dc=com"
rootpw {SSHA}rqmauEi1zu+1YgMEUwihtiYzZtPr0+KO

4. Start OpenLDAP server:

$ sudo /usr/libexec/slapd -d 255
@(#) $OpenLDAP: slapd 2.4.11 (Feb 11 2010 02:23:14) $
daemon: SLAP_SOCK_INIT: dtblsize=256
daemon_init: listen on ldap:///
daemon_init: 1 listeners to open...

5. Check that the LDAP port (389) is listening:

$ nmap localhost

Starting Nmap 4.53 ( http://insecure.org ) at 2010-07-05 11:47 CEST
Interesting ports on localhost (
Not shown: 1706 closed ports
22/tcp    open  ssh
80/tcp    open  http
88/tcp    open  kerberos-sec
389/tcp   open  ldap

Just use the Eclipse-based, multiplatform Apache Directory Studio or the native Cocoa application LDAP Manager to manage your LDAP server…
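
How the rootpw value from steps 1 and 3 is built and checked, as an added example that is not part of the original post: an {SSHA} value is base64(SHA1(password + salt) + salt), and the second half lints slapd.conf text for a rootpw that is cleartext or unsalted. The function names are assumptions made for this illustration, not OpenLDAP APIs.

```python
import base64
import hashlib
import hmac
import os
import re

# Added example; helper names are illustrative, not part of OpenLDAP.
SHA1_LEN = 20  # bytes in a SHA-1 digest; whatever follows it is the salt

def ssha_hash(password, salt=None):
    """Build an {SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")

def ssha_split(stored):
    """Return (digest, salt) from an {SSHA} value, or None if malformed."""
    if not stored.startswith("{SSHA}"):
        return None
    try:
        raw = base64.b64decode(stored[len("{SSHA}"):], validate=True)
    except ValueError:
        return None
    if len(raw) <= SHA1_LEN:  # no salt present
        return None
    return raw[:SHA1_LEN], raw[SHA1_LEN:]

def ssha_verify(password, stored):
    """Constant-time check of a password against an {SSHA} value."""
    parts = ssha_split(stored)
    if parts is None:
        return False
    digest, salt = parts
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)

def rootpw_findings(conf_text):
    """List rootpw lines in slapd.conf text that are cleartext or unsalted."""
    findings = []
    for number, line in enumerate(conf_text.splitlines(), 1):
        match = re.match(r"\s*rootpw\s+(\S+)", line)
        if not match:
            continue  # comments and other directives are ignored
        value = match.group(1).strip('"')
        if not value.startswith("{") or value.upper().startswith("{CLEARTEXT}"):
            findings.append(f"line {number}: rootpw is cleartext")
        elif value.upper().startswith(("{SHA}", "{MD5}")):
            findings.append(f"line {number}: rootpw hash is unsalted")
    return findings
```

Run rootpw_findings over the contents of /etc/openldap/slapd.conf after step 3; an empty list means rootpw carries a scheme prefix other than the cleartext and unsalted ones.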
