Attention
LemonLDAP::NG requires at least Red Hat/CentOS 7
LemonLDAP::NG provides packages for RHEL (and derivatives) 7/8/9:
lemonldap-ng
: metapackage, contains no file but dependencies on other
packageslemonldap-ng-doc
: contains HTML documentation and project docs
(README, etc.)lemonldap-ng-conf
: contains default configuration (DNS domain:
example.com)lemonldap-ng-test
: contains sample CGI test pagelemonldap-ng-handler
: contains Apache Handler implementation (agent)lemonldap-ng-manager
: contains administration interface and session
explorerlemonldap-ng-portal
: contains authentication portal and menulemonldap-ng-fastcgi-server
: FastCGI server needed to use Nginxlemonldap-ng-nginx
: contains Nginx configuration and dependencieslemonldap-ng-uwsgi-app
: contains Uwsgi applicationlemonldap-ng-selinux
: contains the SELinux policy for httpdperl-Lemonldap-NG-Common
: CPAN - Shared modulesperl-Lemonldap-NG-Handler
: CPAN - Handler modulesperl-Lemonldap-NG-Manager
: CPAN - Manager modulesperl-Lemonldap-NG-Portal
: CPAN - Portal modulesperl-Lemonldap-NG-SSOaaS-Apache-Client
: SSOaaS client moduleDanger
The package lemonldap-ng-nginx requires the Nginx community package. If you use OpenResty or Nginx plus, you must ignore this dependency. To do this, download the package and install it with:
rpm --nodeps -i lemonldap-ng-nginx*.rpm
LemonLDAP::NG has dependencies which are not in base RHEL repositories.
You need to enable EPEL repositories before installing.
On RHEL8 and derivatives, you also also need to enable the PowerTools repository in /etc/yum.repos.d
.
On OracleLinux, the corresponding repo is called Oracle Linux 8 CodeReady Builder.
You can add this YUM repository to get recent packages:
vi /etc/yum.repos.d/lemonldap-ng.repo
[lemonldap-ng]
name=LemonLDAP::NG packages
baseurl=https://lemonldap-ng.org/redhat/stable/$releasever/noarch
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
Tip
Replace stable
by 2.0
to avoid upgrade to next major
version
You may also need some extras packages for SAML, available here:
[lemonldap-ng-extras]
name=LemonLDAP::NG extra packages
baseurl=https://lemonldap-ng.org/redhat/extras/$releasever
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
Run this to update packages cache:
yum update
RPMs are available on the Download page.
Get the RPM signing key onto your LemonLDAP::NG server:
curl https://lemonldap-ng.org/_media/rpm-gpg-key-ow2 > /etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
If the packages are stored in a yum repository:
yum install lemonldap-ng
# If you use SELinux
yum install lemonldap-ng lemonldap-ng-selinux
You can also use yum on local RPMs file:
yum localinstall lemonldap-ng-* perl-Lemonldap-NG-*
You have then to install all the downloaded packages:
yum install lemonldap-ng-* perl-Lemonldap-NG-*
Tip
You can choose to install only one component by choosing the
package lemonldap-ng-portal
, lemonldap-ng-handler
or
lemonldap-ng-manager
.
Install the package lemonldap-ng-conf
on all server which contains
one of those packages.
By default, DNS domain is example.com
. You can change it quick with
a sed command. For example, we change it to ow2.org
:
sed -i 's/example\.com/ow2.org/g' /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1.json /etc/nginx/conf.d/* /etc/httpd/conf.d/*
If you upgraded LemonLDAP::NG, check all upgrade notes.
Configure your DNS server to resolve names with your server IP:
auth.<your domain>
: main portal, must be publicmanager.<your domain>
: manager, only for adminsitratorstest1.<your domain>
, test2.<your domain>
: sample applicationsFollow the next steps
/etc/lemonldap-ng
/var/lib/lemonldap-ng/conf/
/usr/share/perl5/vendor_perl
directory/var/lib/lemonldap-ng/
/usr/share/lemonldap-ng/
/usr/libexec/lemonldap-ng/bin
If you need it, you can rebuild RPMs:
lemonldap-ng.spec
)%_topdir/SOURCES
~/.rpmmacros
and set your build parameters:%_topdir /home/user/build
%dist .el7
%rhel 7
%_topdir
rpmbuild -ta SOURCES/lemonldap-ng-VERSION.tar.gz