{"id":10689,"date":"2021-11-16T22:52:49","date_gmt":"2021-11-16T19:52:49","guid":{"rendered":"https:\/\/kifarunix.com\/?p=10689"},"modified":"2024-03-18T08:08:20","modified_gmt":"2024-03-18T05:08:20","slug":"install-phpldapadmin-on-debian-10-debian-11","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/install-phpldapadmin-on-debian-10-debian-11\/","title":{"rendered":"Install phpLDAPAdmin on Debian 10\/Debian 11"},"content":{"rendered":"\n

In this guide, you will learn how to install and setup phpLDAPadmin on Debian 10\/Debian 11. phpLDAPadmin<\/a> (also known as PLA) is a web-based application written in PHP for administering LDAP servers. PLA is designed to manage records in an LDAP server, including creating, modifying, deleting records.<\/p>\n\n\n\n

Learn how to install and setup OpenLDAP server with SSL\/TLS on Debian 10\/Debian 11 by following the link below;<\/p>\n\n\n\n

Install and Setup OpenLDAP Server on Debian 10\/Debian 11<\/a><\/p>\n\n\n\n

Install and Setup phpLDAPadmin on Debian<\/h2>\n\n\n\n

Installing phpLDAPadmin on Debian 10\/11<\/h3>\n\n\n\n

phpLDAPadmin is NOT available on Debian 10\/Debian 11 default repos;<\/p>\n\n\n\n

apt show phpldapadmin<\/code><\/pre>\n\n\n\n
N: Unable to locate package phpldapadmin\nN: Unable to locate package phpldapadmin\nE: No packages found<\/code><\/pre>\n\n\n\n
Thus, you can simply download the DEB binary from any of these mirror list<\/a>, under the sub-directory: pool\/main\/p\/phpldapadmin\/<\/strong><\/code>, for example http:\/\/ftp.de.debian.org\/debian\/pool\/main\/p\/phpldapadmin\/<\/a>.<\/p>\n\n\n\n
wget http:\/\/ftp.de.debian.org\/debian\/pool\/main\/p\/phpldapadmin\/phpldapadmin_1.2.2-6.3_all.deb<\/code><\/pre>\n\n\n\n
Next, install phpLDAPAdmin by running the command below;<\/p>\n\n\n\n
apt install .\/phpldapadmin_1.2.2-6.3_all.deb<\/code><\/pre>\n\n\n\n
On Debian 11<\/p>\n\n\n\n
Reading package lists... Done\nBuilding dependency tree... Done\nReading state information... Done\nNote, selecting 'phpldapadmin' instead of '.\/phpldapadmin_1.2.2-6.3_all.deb'\nThe following additional packages will be installed:\n  apache2 apache2-bin apache2-data apache2-utils libapache2-mod-php7.4 libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libcurl4 liblua5.3-0 libsodium23\n  libxslt1.1 php php-common php-ldap php-xml php7.4 php7.4-cli php7.4-common php7.4-json php7.4-ldap php7.4-opcache php7.4-readline php7.4-xml psmisc ssl-cert\nSuggested packages:\n  apache2-doc apache2-suexec-pristine | apache2-suexec-custom www-browser php-pear\nThe following NEW packages will be installed:\n  apache2 apache2-bin apache2-data apache2-utils libapache2-mod-php7.4 libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libcurl4 liblua5.3-0 libsodium23\n  libxslt1.1 php php-common php-ldap php-xml php7.4 php7.4-cli php7.4-common php7.4-json php7.4-ldap php7.4-opcache php7.4-readline php7.4-xml phpldapadmin psmisc\n  ssl-cert\n0 upgraded, 28 newly installed, 0 to remove and 31 not upgraded.\nNeed to get 7,669 kB\/8,409 kB of archives.\nAfter this operation, 34.2 MB of additional disk space will be used.\nDo you want to continue? [Y\/n] y\nGet:1 \/root\/phpldapadmin_1.2.2-6.3_all.deb phpldapadmin all 1.2.2-6.3 [740 kB]\nGet:2 http:\/\/security.debian.org\/debian-security bullseye-security\/main amd64 apache2-bin amd64 2.4.51-1~deb11u1 [1,407 kB]\nGet:3 http:\/\/deb.debian.org\/debian bullseye\/main amd64 libapr1 amd64 1.7.0-6+deb11u1 [106 kB]\nGet:4 http:\/\/deb.debian.org\/debian bullseye\/main amd64 libaprutil1 amd64 1.6.1-5 [92.1 kB]\nGet:5 http:\/\/deb.debian.org\/debian bullseye\/main amd64 libaprutil1-dbd-sqlite3 amd64 1.6.1-5 [18.8 kB]\nGet:6 http:\/\/deb.debian.org\/debian bullseye\/main amd64 libaprutil1-ldap amd64 1.6.1-5 [17.0 kB]\nGet:7 http:\/\/deb.debian.org\/debian bullseye\/main amd64 libcurl4 amd64 7.74.0-1.3+b1 [341 kB]\nGet:8 http:\/\/deb.debian.org\/debian bullseye\/main amd64 liblua5.3-0 amd64 5.3.3-1.1+b1 [120 kB]\nGet:9 http:\/\/deb.debian.org\/debian bullseye\/main amd64 psmisc amd64 23.4-2 [198 kB]\nGet:10 http:\/\/deb.debian.org\/debian bullseye\/main amd64 php-common all 2:76 [15.6 kB]\nGet:11 http:\/\/deb.debian.org\/debian bullseye\/main amd64 libsodium23 amd64 1.0.18-1 [161 kB]\nGet:12 http:\/\/deb.debian.org\/debian bullseye\/main amd64 libxslt1.1 amd64 1.1.34-4 [239 kB]\nGet:13 http:\/\/security.debian.org\/debian-security bullseye-security\/main amd64 apache2-data all 2.4.51-1~deb11u1 [160 kB]\nGet:14 http:\/\/deb.debian.org\/debian bullseye\/main amd64 php all 2:7.4+76 [6,340 B]\nGet:15 http:\/\/deb.debian.org\/debian bullseye\/main amd64 php-ldap all 2:7.4+76 [6,364 B]\nGet:16 http:\/\/deb.debian.org\/debian bullseye\/main amd64 php-xml all 2:7.4+76 [6,384 B]\nGet:17 http:\/\/security.debian.org\/debian-security bullseye-security\/main amd64 apache2-utils amd64 2.4.51-1~deb11u1 [255 kB]\nGet:18 http:\/\/deb.debian.org\/debian bullseye\/main amd64 ssl-cert all 1.1.0+nmu1 [21.0 kB]\nGet:19 http:\/\/security.debian.org\/debian-security bullseye-security\/main amd64 apache2 amd64 2.4.51-1~deb11u1 [270 kB]\nGet:20 http:\/\/security.debian.org\/debian-security bullseye-security\/main amd64 php7.4-common amd64 7.4.25-1+deb11u1 [1,022 kB]\nGet:21 http:\/\/security.debian.org\/debian-security bullseye-security\/main amd64 php7.4-json amd64 7.4.25-1+deb11u1 [19.3 kB]\nGet:22 http:\/\/security.debian.org\/debian-security bullseye-security\/main amd64 php7.4-opcache amd64 7.4.25-1+deb11u1 [198 kB]\nGet:23 http:\/\/security.debian.org\/debian-security bullseye-security\/main amd64 php7.4-readline amd64 7.4.25-1+deb11u1 [12.3 kB]\nGet:24 http:\/\/security.debian.org\/debian-security bullseye-security\/main amd64 php7.4-cli amd64 7.4.25-1+deb11u1 [1,428 kB]\nGet:25 http:\/\/security.debian.org\/debian-security bullseye-security\/main amd64 libapache2-mod-php7.4 amd64 7.4.25-1+deb11u1 [1,373 kB]\nGet:26 http:\/\/security.debian.org\/debian-security bullseye-security\/main amd64 php7.4 all 7.4.25-1+deb11u1 [48.9 kB]\nGet:27 http:\/\/security.debian.org\/debian-security bullseye-security\/main amd64 php7.4-ldap amd64 7.4.25-1+deb11u1 [29.6 kB]\nGet:28 http:\/\/security.debian.org\/debian-security bullseye-security\/main amd64 php7.4-xml amd64 7.4.25-1+deb11u1 [97.9 kB]\nFetched 7,669 kB in 2s (3,530 kB\/s)\nPreconfiguring packages ...\n<\/code><\/pre>\n\n\n\n
Note that on Debian 11, the command above installs phpLDAPAdmin alongside PHP 7.4 and PHP 7.3 on Debian 10 by default.<\/p>\n\n\n\n
So expect a number of warnings on deprecation when running phpLDAPadmin.<\/p>\n\n\n\n
Configuring phpLDAPadmin on Debian 10\/Debian 11<\/h3>\n\n\n\n
The default configuration file for phpLDAPadmin is \/etc\/phpldapadmin\/config.php<\/strong><\/code>. This is the file that we are going to edit to make our configuration changes as per LDAP server settings.<\/p>\n\n\n\n
vim \/etc\/phpldapadmin\/config.php<\/code><\/pre>\n\n\n\n
The configuration file is highly commented. We are only going to make a few changes in this demo, enough to access and run phpLDAPadmin to administer LDAP server.<\/p>\n\n\n\n
Set a suitable name for your LDAP server. This is the name that will appear on phpLDAPadmin web interface.<\/p>\n\n\n\n
\/*********************************************\n * Define your LDAP servers in this section  *\n *********************************************\/\n...\n...\n\/* A convenient name that will appear in the tree viewer and throughout\n   phpLDAPadmin to identify this LDAP server to users. *\/\n$servers->setValue('server','name','Kifarunix-demo LDAP Server<\/strong>');\n...<\/code><\/pre>\n\n\n\n
Define the IP address or resolvable hostname of your OpenLDAP server;<\/p>\n\n\n\n
$servers->setValue('server','host','ldap.kifarunix-demo.com<\/strong>');<\/code><\/pre>\n\n\n\n
Define the port on which your OpenLDAP server is listening on. In our demo, our OpenLDAP is configured with StartTLS (port 389).<\/p>\n\n\n\n
\/* The port your LDAP server listens on (no quotes). 389 is standard. *\/\n$servers->setValue('server','port',389);<\/strong><\/code><\/pre>\n\n\n\n
Set the OpenLDAP base DN. In our setup, OpenLDAP base DN is set to dc=ldapmaster,dc=kifarunix-demo,dc=com<\/code><\/strong>.<\/p>\n\n\n\n
\/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin\nauto-detect it for you. *\/\n$servers->setValue('server','base',array('dc=ldapmaster,dc=kifarunix-demo,dc=com<\/strong>'));<\/code><\/pre>\n\n\n\n
Define your phpLDAPadmin authentication type. In this demo, we choose the default authentication type, session<\/code>.<\/p>\n\n\n\n
$servers->setValue('login','auth_type','session');<\/code><\/pre>\n\n\n\n
Define the Bind DN of the administrative user to login to phpLDAPadmin;<\/p>\n\n\n\n
$servers->setValue('login','bind_id','cn=admin,dc=ldapmaster,<\/strong>dc=kifarunix-demo,dc=com<\/strong>');<\/code><\/pre>\n\n\n\n
You can optionally specify an attribute to use when logging in. In our case, we want to use full DN such as, cn=admin,dc=kifarunix-demo,dc=com<\/code><\/strong>, for logging in.<\/p>\n\n\n\n
$servers->setValue('login','attr','dn');<\/code><\/pre>\n\n\n\n
Configure user ID auto increment when creating users from phpLDAPadmin web interface. This ensures that you do not re-use already assigned user and group IDs. In this setup, we choose the ID from 10000.<\/p>\n\n\n\n
\/* The minimum number to use when searching for the next available number\n(only when 'search' is used for auto_number. *\/\n$servers->setValue('auto_number','min',array('uidNumber'=>10000,'gidNumber'=>10000));<\/strong><\/code><\/pre>\n\n\n\n
That is all the changes we could make in this guide.<\/p>\n\n\n\n
Go through the configuration file and choose any other option you want to configure.<\/p>\n\n\n\n
Save and exit the file once done with configuration.<\/p>\n\n\n\n
Configure Apache for phpLDAPadmin<\/h3>\n\n\n\n
Create phpLDAPadmin Apache configuration, \/etc\/apache2\/conf-available\/phpldapadmin.conf<\/strong><\/code> as follows.<\/p>\n\n\n\n
cat > \/etc\/apache2\/conf-available\/phpldapadmin.conf << 'EOL'\nAlias \/phpldapadmin \/usr\/share\/phpldapadmin\/htdocs\n\n<Directory \/usr\/share\/phpldapadmin\/htdocs>\n  <IfModule mod_authz_core.c>\n    Require all granted\n  <\/IfModule>\n<\/Directory>\nEOL<\/code><\/pre>\n\n\n\n
Set the ownership of the file to www-data<\/code>.<\/p>\n\n\n\n
chown -R www-data: \/usr\/share\/phpldapadmin\/<\/code><\/pre>\n\n\n\n
Enable SSL;<\/p>\n\n\n\n
cat > \/etc\/apache2\/sites-available\/phpldapadmin.conf <'EOL'\n<VirtualHost *:443>\n        ServerName pla.kifarunix-demo.com\n        \n        SSLEngine on\n        SSLCertificateFile \/etc\/ssl\/certs\/kifarunix-demo.crt\n        SSLCertificateKeyFile \/etc\/ssl\/private\/kifarunix-demo.key\n<\/VirtualHost>\nEOL<\/code><\/pre>\n\n\n\n
Configure HTTP\/HTTPS redirect;<\/p>\n\n\n\n
cat >> \/etc\/apache2\/apache2.conf << 'EOL'\nRewriteEngine On\nRewriteCond %{HTTPS} off\nRewriteRule ^(.*)$ https:\/\/pla.kifarunix-demo.com\/$1 [L,R=301]\nEOL<\/code><\/pre>\n\n\n\n
Disable Apache default site (with welcome page)<\/p>\n\n\n\n
a2dissite 000-default.conf<\/code><\/pre>\n\n\n\n
Enable SSL and rewrite modules;<\/p>\n\n\n\n
a2enmod rewrite ssl<\/code><\/pre>\n\n\n\n
Open Apache on firewall to allow external access.<\/p>\n\n\n\n
ufw allow \"WWW Full\"<\/code><\/pre>\n\n\n\n
Check Apache syntax;<\/p>\n\n\n\n
apachectl -t<\/code><\/pre>\n\n\n\n
Syntax OK<\/code><\/pre>\n\n\n\n
Restart Apache;<\/p>\n\n\n\n
systemctl restart apache2<\/code><\/pre>\n\n\n\n
Accessing phpLDAPadmin on Browser<\/h3>\n\n\n\n
You can access phpLDAPadmin using the address, https:\/\/server-IP-or-Hostname\/phpldapadmin<\/strong><\/code>.<\/p>\n\n\n\n
\"Install<\/figure>\n\n\n\n
If you get the warning,
Deprecated<\/strong>: Array and string offset access syntax with curly braces is deprecated in \/usr\/share\/phpldapadmin\/lib\/functions.php<\/strong> on line 1614<\/strong><\/code><\/em>, you can simply replace the curly braces ({}<\/strong><\/code>) with square brackets ([]<\/code>) on the affected line, 1614.<\/p>\n\n\n\n
Click login<\/strong> to login to you phpLDAPadmin web user interface. Since we already defined the admin Bind DN, simply enter the password and login;<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Upon successful authentication, you land on phpLDAPAdmin dashboard.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
You can now administer your LDAP server with web interface.<\/p>\n\n\n\n
Create LDAP User on phpLDAPadmin<\/h3>\n\n\n\n
You can refer to this section on how to go about creation of user accounts on phpLDAPAdmin web interface.<\/p>\n\n\n\n
How to create LDAP user accounts on phpLDAPadmin<\/a><\/p>\n\n\n\n
You can explore the functionality of this tool further. That marks the end of our guide on how to install and setup phpLDAPadmin on Debian 10\/Debian 11.<\/p>\n\n\n\n
Related Tutorials<\/h3>\n\n\n\n
Install phpLDAPadmin on Rocky Linux 8<\/a><\/p>\n\n\n\n
Install and Setup phpLDAPadmin on Ubuntu 20.04<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
In this guide, you will learn how to install and setup phpLDAPadmin on Debian 10\/Debian 11. phpLDAPadmin (also known as PLA) is a web-based application written in<\/p>\n","protected":false},"author":1,"featured_media":9240,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[121,1099,342],"tags":[4277,4274,4275,1591,4276,4278],"class_list":["post-10689","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-howtos","category-openldap","category-php","tag-debian-phpldapadmin","tag-install-phpldapadmin-debian","tag-install-phpldapadmin-on-debian-10-debian-11","tag-phpldapadmin","tag-phpldapadmin-debian","tag-pla","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","resize-featured-image"],"_links":{"self":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/10689"}],"collection":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/comments?post=10689"}],"version-history":[{"count":5,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/10689\/revisions"}],"predecessor-version":[{"id":21608,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/10689\/revisions\/21608"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media\/9240"}],"wp:attachment":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media?parent=10689"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/categories?post=10689"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/tags?post=10689"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}