OpenLDAP on Ubuntu 24.04 LTS

Azure Security

OpenLDAP, the standards based slapd directory server, ready on first boot as a private LDAP and LDAPS identity source for your own services.

Base
Hardened build
minimal ports, security patches applied at build time
Access
Unique credentials
generated on first boot, readable only by root
Verified
Boots working
services pass a health gate before release
Support
24/7, 365 days
by email and live chat, 24 hour response SLA

Overview

OpenLDAP is the widely deployed, open source implementation of the Lightweight Directory Access Protocol. Its standalone daemon, slapd, stores users, groups and organisational data in a hierarchical directory and answers standard LDAP queries, so applications, operating systems and network services can share one authoritative identity source instead of a separate account store for each. It speaks plain LDAP with StartTLS as well as LDAP over TLS, uses the fast memory mapped mdb backend, and is configured dynamically through its own cn=config directory, making it the reference directory service for centralised authentication and address book lookups.

It suits any team that wants a private, self owned directory to authenticate and authorise their own applications rather than depending on a hosted identity provider.

Why the cloudimg image

cloudimg delivers slapd fully installed and hardened with a usable directory already in place, so it answers LDAP queries the moment the instance boots. The image is secure by default: no usable directory administrator credential is baked in, and on each machine's first boot a unique administrator password is generated and the self signed TLS certificate is regenerated so no key material is ever shared between instances. LDAPS is enabled, anonymous writes are refused, and the directory database lives on a dedicated data disk that is separate from the operating system disk and independently resizable. Everything is backed by a paired deployment guide and 24/7 support.

Common uses

  • Run a private LDAP directory to centralise logins for your own applications
  • Provide an LDAP and LDAPS identity source for services you host yourself
  • Own your users, groups and directory data inside your own cloud account