Configure LDAP Client on Ubuntu 20.04|18.04|16.04 | ComputingForGeeks

Configure LDAP Client on Ubuntu 20.04|18.04|16.04

62725
2
You can support us by downloading this article as PDF from the Link below.Download the guide as PDF

This is a guide on how to configure an Ubuntu 20.04|18.04 & Ubuntu 16.04 LTS servers to authenticate against an LDAP directory server. LDAP is a lightweight client-server protocol for accessing directory services, specifically X.500-based directory services.

I expect you already have a running LDAP server, if not, use our guides below to set it up:

How to Install and configure OpenLDAP on Ubuntu LTS

Once you have LDAP server configured and user accounts added, you can proceed to install and configure LDAP client.

Install and Configure LDAP Client on Ubuntu 20.04|18.04 & Ubuntu 16.04 LTS

Add LDAP server address to /etc/hosts file if you don’t have an active DNS server in your network.

$ sudo vim /etc/hosts
192.168.18.50 ldap.example.com

Install LDAP client utilities on your Ubuntu system:

sudo apt -y install libnss-ldap libpam-ldap ldap-utils

Begin configuring the settings to look like below

1. Set LDAP URI- This can be IP address or hostname

ldap client ubuntu 18.04 add uri min

2. Set a Distinguished name of the search base

ldap client ubuntu 18.04 set search base distinguished name min

3. Select LDAP version 3

ldap client ubuntu 18.04 set ldap version min

4. Select Yes for Make local root Database admin

ldap client ubuntu 18.04 make local root database admin min

5. Answer No for Does the LDAP database require login?

ldap client ubuntu 18.04 does ldap require login no min

6. Set LDAP account for root, something like cn=admin,cd=example,cn=com

ldap client ubuntu 18.04 set admin ldap account min

7. Provide LDAP root account Password

ldap client ubuntu 18.04 enter ldap admin pass min

After the installation, edit /etc/nsswitch.confand add ldap authentication to passwd and group lines.

passwd: compat systemd ldap
group: compat systemd ldap
shadow: compat

Modify the file /etc/pam.d/common-password. Remove use_authtok on line 26 to look like below.

password [success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass

Enable creation of home directory on first login by adding the following line to the end of file /etc/pam.d/common-session

session optional pam_mkhomedir.so skel=/etc/skel umask=077

See below screenshot:

ldap client enable home creation min

Test by switching to a user account on LDAP

root@server1:~# su - jmutai
Creating directory '/home/jmutai'.
jmutai@server1:~$ id
uid=10000(jmutai) gid=10000(sysadmins) groups=10000(sysadmins)

That’s all. If you need advanced centralized user management platform, see

Source: Configure LDAP Client on Ubuntu 20.04|18.04|16.04 | ComputingForGeeks

Configure LDAP Client on Ubuntu 20.04|18.04|16.04 | ComputingForGeeks was last modified: April 24th, 2021 by Jovan Stosic

DNS not working after upgrade to 18.04

Usually systemd-resolved gets the DNS servers from the DHCP handshake. Does your DHCP server give out the DNS addresses?

Also you can edit /etc/systemd/resolved.conf and add the IP address(es) of your server(s) on the DNS and FallbackDNS lines.

Code:
[Resolve]
DNS=192.168.100.100
FallbackDNS=8.8.8.8
[etc.]

192.168.100.100 is a local server on my network. You need to run “sudo systemctl restart systemd-resolved” after making any changes.

Source: [SOLVED] DNS not working after upgrade to 18.04

DNS not working after upgrade to 18.04 was last modified: April 16th, 2021 by Jovan Stosic

How To Use Apache as a Reverse Proxy with mod_proxy on Ubuntu 16.04

Modifying the Default Configuration to Enable Reverse Proxy

In this section, we will set up the default Apache virtual host to serve as a reverse proxy for single backend server or an array of load balanced backend servers.

Note: In this tutorial, we’re applying the configuration at the virtual host level. On a default installation of Apache, there is only a single, default virtual host enabled. However, you can use all those configuration fragments in other virtual hosts as well. To learn more about virtual hosts in Apache, you can read this How To Set Up Apache Virtual Hosts on Ubuntu 16.04 tutorial.

If your Apache server acts as both HTTP and HTTPS server, your reverse proxy configuration must be placed in both the HTTP and HTTPS virtual hosts. To learn more about SSL with Apache, you can read this How To Create a Self-Signed SSL Certificate for Apache in Ubuntu 16.04 tutorial.

Open the default Apache configuration file using nano or your favorite text editor.

  • sudo nano /etc/apache2/sites-available/000-default.conf

Inside that file, you will find the <VirtualHost *:80> block starting on the first line. The first example below explains how to configure this block to reverse proxy for a single backend server, and the second sets up a load balanced reverse proxy for multiple backend servers.

Example 1 — Reverse Proxying a Single Backend Server

Replace all the contents within VirtualHost block with the following, so your configuration file looks like this:

/etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
    ProxyPreserveHost On

    ProxyPass / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/
</VirtualHost>

If you followed along with the example servers in Step 2, use 127.0.0.1:8080 as written in the block above. If you have your own application servers, use their addresses instead.

There are three directives here:

  • ProxyPreserveHost makes Apache pass the original Host header to the backend server. This is useful, as it makes the backend server aware of the address used to access the application.
  • ProxyPass is the main proxy configuration directive. In this case, it specifies that everything under the root URL (/) should be mapped to the backend server at the given address. For example, if Apache gets a request for /example, it will connect to http://your_backend_server/example and return the response to the original client.
  • ProxyPassReverse should have the same configuration as ProxyPass. It tells Apache to modify the response headers from backend server. This makes sure that if the backend server returns a location redirect header, the client’s browser will be redirected to the proxy address and not the backend server address, which would not work as intended.

To put these changes into effect, restart Apache.

  • sudo systemctl restart apache2

Now, if you access http://your_server_ip in a web browser, you will see your backend server response instead of standard Apache welcome page. If you followed Step 2, this means you’ll see Hellow world!.

Example 2 — Load Balancing Across Multiple Backend Servers

If you have multiple backend servers, a good way to distribute the traffic across them when proxying is to use load balancing features of mod_proxy.

Replace all the contents within the VirtualHost block with the following, so your configuration file looks like this:

/etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
<Proxy balancer://mycluster>
    BalancerMember http://127.0.0.1:8080
    BalancerMember http://127.0.0.1:8081
</Proxy>

    ProxyPreserveHost On

    ProxyPass / balancer://mycluster/
    ProxyPassReverse / balancer://mycluster/
</VirtualHost>

The configuration is similar to the previous one, but instead of specifying a single backend server directly, we’ve used an additional Proxy block to define multiple servers. The block is named balancer://mycluster (the name can be freely altered) and consists of one or more BalancerMembers, which specify the underlying backend server addresses. The ProxyPass and ProxyPassReverse directives use the load balancer pool named mycluster instead of a specific server.

If you followed along with the example servers in Step 2, use 127.0.0.1:8080 and 127.0.0.1:8081 for the BalancerMember directives, as written in the block above. If you have your own application servers, use their addresses instead.

To put these changes into effect, restart Apache.

  • sudo systemctl restart apache2

If you access http://your_server_ip in a web browser, you will see your backend servers’ responses instead of the standard Apache page. If you followed Step 2, refreshing the page multiple times should show Hello world! and Howdy world!, meaning the reverse proxy worked and is load balancing between both servers.

Source: How To Use Apache as a Reverse Proxy with mod_proxy on Ubuntu 16.04 | DigitalOcean

How To Use Apache as a Reverse Proxy with mod_proxy on Ubuntu 16.04 was last modified: February 20th, 2021 by Jovan Stosic

yaml – Using Docker-Compose, how to execute multiple commands

command: bash -c "python manage.py migrate && python manage.py runserver 0.0.0.0:8000"

Same example in multilines:

command: >
    bash -c "python manage.py migrate
    && python manage.py runserver 0.0.0.0:8000"

Or:

command: bash -c "
    python manage.py migrate
    && python manage.py runserver 0.0.0.0:8000
  "

 

Source: yaml – Using Docker-Compose, how to execute multiple commands – Stack Overflow

yaml – Using Docker-Compose, how to execute multiple commands was last modified: December 3rd, 2020 by Jovan Stosic

PHP issue “Cannot send session cookie” – Stack Overflow

Have you checked for Byte Order Mark (BOM) ? It happens when your file is in UTF8 and you open it with Windows’ Notepad.exe. – Geoffroy Mar 12 ’13 at 16:47
  • How do i check for BOM? If this is causing the issue how do i get rid of it? – Kaya Suleyman Mar 12 ’13 at 16:50
  • Use an editor which is able to show you special chars. – Geoffroy Mar 12 ’13 at 16:51
  • What editor are you using? – Alexander M. Turek Mar 12 ’13 at 16:52
  • Microsoft Expression. I’m new to this stuff, how do i check for BOM, what does it look like and how do i get my code working again? – Kaya Suleyman Mar 12 ’13 at 16:54
    • Download Notepad++ and open the file there, delete all fancy characters before the <?PHP
    • Make sure there is no whitespace character like ” ” or tab or linebreak before the <?PHP.
      • In Notepad++ click Encoding and then UTF-8 without BOM to convert the file to UTF-8 without BOM, then save it.
    • Also add ob_start(); before session_start(); to be safe.

Source: PHP issue “Cannot send session cookie” – Stack Overflow

PHP issue “Cannot send session cookie” – Stack Overflow was last modified: December 1st, 2020 by Jovan Stosic

Set up a LAMP server with Docker – Linux Hint

Set up a LAMP server with Docker

In this article, I am going to show you how to use Docker Compose to create a LAMP server for PHP web development. So, let’s get started.

Requirements:

In order to follow this article, you must have Docker installed on your computer. LinuxHint has a lot of articles that you can follow to install Docker on your desired Linux distribution if you don’t have it installed already. So, be sure to check LinuxHint.com in case you’re having trouble installing Docker.

Installing Docker Compose:

You can download Docker Compose binary file very easily with the following command:

sudo curl -L “https://github.com/docker/compose/releases/download/1.24.1/
docker-compose-$(uname -s)$(uname -m)
 -o /usr/local/bin/docker-compose

NOTE: curl may not be installed on your Linux distribution. If that’s the case, you can install curl with the following command:

Ubuntu/Debian/Linux Mint:

sudo apt install curl -y

CentOS/RHEL/Fedora:

sudo dnf install curl -y

Once docker-compose binary file is downloaded, run the following command:

sudo chmod +x /usr/local/bin/docker-compose

Now, check whether docker-compose command is working as follows:

docker-compose version

It should print the version information as shown in the screenshot below.

Setting Up Docker Compose for the Project:

Now, create a project directory ~/docker/lamp (let’s say) and a html/ directory inside the project directory for keeping the website files (i.e. php, html, css, js etc.) as follows:

mkdir -p ~/docker/lamp/html

Now, navigate to the project directory ~/docker/lamp as follows:

cd ~/docker/lamp

Create a php.Dockerfile in the project directory ~/docker/lamp. This is a Dockerfile which enables mysqli and PDO php extensions in the php:7.4.3-apache image from Docker Hub and builds a custom Docker image from it.

The contents of the php.Dockerfile is given below.

FROM php:7.4.3apache

RUN

dockerphpextinstall mysqli pdo pdo_mysql

Now, create a docker-compose.yaml file in the project directory ~/docker/lamp and type in the following lines in the docker-compose.yaml file.

version: “3.7”
services:
web-server:
build:
dockerfile: php.Dockerfile
context: .
restart: always
volumes:
– “./html/:/var/www/html/”
ports:
– “8080:80”
mysql-server:
image: mysql:8.0.19
restart: always
environment:
MYSQL_ROOT_PASSWORD: secret
volumes:
– mysql-data:/var/lib/mysql

phpmyadmin:
image: phpmyadmin/phpmyadmin:5.0.1
restart: always
environment:
PMA_HOST: mysql-server
PMA_USER: root
PMA_PASSWORD: secret
ports:
– “5000:80”
volumes:
mysql-data:

The docker-compose.yaml file should look as follows.

Here, I have created 3 services web-servermysql-server and phpmyadmin.

web-server service will run a custom-built Docker image as defined in php.Dockerfile.

mysql-server service will run the mysql:8.0.19 image (from DockerHub) in a Docker container.

phpmyadmin service will run the phpmyadmin/phpmyadmin:5.0.1 image (from DockerHub) in another Docker container.

In mysql-server service, the MYSQL_ROOT_PASSWORD environment variable is used to set the root password of MySQL.

In phpmyadmin service, the PMA_HOST, PMA_USER, PMA_PASSWORD environment variables are used to set the MySQL hostname, username and password respectively that phpMyAdmin will use to connect to the MySQL database server running as mysql-server service.

In mysql-server service, all the contents of the /var/lib/mysql directory will be saved permanently in the mysql-data volume.’

In the web-server service, the container port 80 (right) is mapped to the Docker host port 8080 (left).’

In the phpmyadmin service, the container port 5000 (right) is mapped to the Docker host port 80 (left).

Also, create a index.php file in the html/ directory for testing the LAMP server.

The contents of the index.php file in my case,

<?php
$host = “mysql-server”;
$user = “root”;
$pass = “secret”;
$db = “app1”;
try {
$conn = new PDO(“mysql:host=$host;dbname=$db, $user, $pass);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

echo “Connected successfully”;
} catch(PDOException $e) {
echo “Connection failed: “ . $e->getMessage();
}
?>

Finally, the project directory ~/docker/lamp should look as follows:

Starting the LAMP Server:

Now, to start the web-servermysql-server and phpmyadmin services, run the following command:

docker-compose up -d

All the services should start in the background.

To see how the ports are mapped, run the following command:

docker-compose ps

As you can see, for the web-server service, the Docker host port 8080 is mapped to the container TCP port 80.

For the phpmyadmin service, the Docker host port 5000 is mapped to the container TCP port 80.

Finding the IP Address of Docker Host:

If you want to access the LAMP server from other computers on your network, you must know the IP address of your Docker host.

To find the IP address of your Docker host, run the following command:

ip

In my case, the IP address of my Docker host 192.168.20.160. It will be different for you. So, make sure to replace it with yours from now on.

Testing the LAMP Server:

Now, you can access phpMyAdmin 5 and the web server from a web browser.

To access phpMyAdmin 5, open a web browser and visit http://localhost:5000 from your Docker host or visit http://192.168.20.160:5000 from any other computer on the network.

phpMyAdmin 5 should load in your web browser.

Now, create an app1 MySQL database from phpMyAdmin.

Now, visit http://localhost:8080 from your Docker host or http://192.168.20.160:8080 from any other computer on your network to access the web server.

You should see the Connected successfully message. It means, the PHP is working and the MySQL database server is accessible from the web-server container. So, technically, the LAMP server is fully functional.

Stopping the LAMP Server:

To stop the web-servermysql-server and phpmyadmin services, run the following command:

docker-compose down

The web-servermysql-server and phpmyadmin services should be stopped.

 

Cleaning Up MySQL Server Data:

If you want to remove all the MySQL database data and settings, you must remove the mysql-data volume.

You can find the actual name of the volume with the following command:

docker volume ls

You can remove the volume lamp_mysql-data with the following command:

docker volume rm lamp_mysql-data

So, that’s how you set up a LAMP server with Docker. Thanks for reading this article.

As you can see, the volume to remove is lamp_mysql-data.

 

Source: Set up a LAMP server with Docker – Linux Hint

Set up a LAMP server with Docker – Linux Hint was last modified: November 29th, 2020 by Jovan Stosic

JSON PHP

<?php
$myObj->name = “John”;
$myObj->age = 30;
$myObj->city = “New York”;

$myJSON = json_encode($myObj);

echo $myJSON;
?>

Source: JSON PHP

JSON PHP was last modified: August 12th, 2020 by Jovan Stosic