LDAP System Administration

By Gerald Carter

Be more productive and make your life easier. That's what LDAP System Administration is all about. System administrators often spend a great deal of time managing configuration information located on many different machines: usernames, passwords, printer configurations, email client configurations, and network filesystem configurations, to name a few. LDAPv3 provides tools for centralizing all of the configuration information and placing it under your control. Rather than maintaining several administrative databases (NIS, Active Directory, Samba, and NFS configuration files), you can make changes in only one place and have all your systems immediately "see" the updated information.

Practically platform independent, this book uses the widely available, open source OpenLDAP 2 directory server as a premise for examples, showing you how to use it to help you manage your configuration information effectively and securely. OpenLDAP 2 ships with most Linux® distributions and Mac OS® X, and can be easily downloaded for most Unix-based systems. After introducing the workings of a directory service and the LDAP protocol, all aspects of building and installing OpenLDAP, plus key ancillary packages like SASL and OpenSSL, this book discusses:

  • Configuration and access control
  • Distributed directories; replication and referral
  • Using OpenLDAP to replace NIS
  • Using OpenLDAP to manage email configurations
  • Using LDAP for abstraction with FTP and HTTP servers, Samba, and Radius
  • Interoperating with different LDAP servers, including Active Directory
  • Programming using Net::LDAP

If you want to be a master of your domain, LDAP System Administration will help you get up and running quickly regardless of which LDAP version you use. After reading this book, even with no previous LDAP experience, you'll be able to integrate a directory server into essential network services such as mail, DNS, HTTP, and SMB/CIFS.


Best Information Technology books

Reverse Deception: Organized Cyber Threat Counter-Exploitation

In-depth counterintelligence tactics to fight cyber-espionage. "A comprehensive and unparalleled overview of the topic by experts in the field."--Slashdot. Expose, pursue, and prosecute the perpetrators of advanced persistent threats (APTs) using the tested security techniques and real-world case studies featured in this one-of-a-kind guide.

Information Security: The Complete Reference, Second Edition

Develop and implement an effective end-to-end security program. Today's complex world of mobile platforms, cloud computing, and ubiquitous data access puts new security demands on every IT professional. Information Security: The Complete Reference, Second Edition (previously titled Network Security: The Complete Reference) is the only comprehensive book that offers vendor-neutral details on all aspects of information protection, with an eye toward the evolving threat landscape.

CCNA Cisco Certified Network Associate Routing and Switching Study Guide (Exams 200-120, ICND1, & ICND2), with Boson NetSim Limited Edition (Certification Press)

The best fully integrated study system available. With hundreds of practice questions and hands-on exercises, CCNA Cisco Certified Network Associate Routing and Switching Study Guide with Boson NetSim Limited Edition covers what you need to know--and shows you how to prepare--for these challenging exams.

CompTIA Network+ All-In-One Exam Guide, Sixth Edition (Exam N10-006)

From Mike Meyers, the number one name in CompTIA training and exam preparation, a thorough revision of his bestselling exam guide, updated to cover the 2015 release of the CompTIA Network+ exam. Get complete coverage of all the CompTIA Network+ exam objectives inside this comprehensive resource. Written by the leading expert on CompTIA certification and training, Mike Meyers, this authoritative guide covers exam N10-006 in full detail.

Additional info for LDAP System Administration


You can then verify that the change has been made correctly by using the ldapadd command to add an entry; the rootdn is currently the only DN allowed to write to the directory. To run this test, create a file with an LDIF entry; we'll use the following LDIF entry, stored in /tmp/test.ldif:

    ## Test user to verify that the new rootdn is OK.
    dn: cn=test user,ou=people,dc=plainjoe,dc=org
    cn: test user
    sn: test
    objectclass: person

To add this entry to the directory, invoke ldapadd with some additional arguments:

    $ kinit ldapadmin@PLAINJOE.ORG
    Password for ldapadmin@PLAINJOE.ORG: password
    $ klist
    Ticket cache: FILE:/tmp/krb5cc_780
    Default principal: ldapadmin@PLAINJOE.ORG

    Valid starting     Expires            Service principal
    11/28/02 19:20:15  11/29/02 05:20:15  krbtgt/PLAINJOE.ORG@PLAINJOE.ORG

    $ ldapmodify -a -H ldap://master.plainjoe.org/ \
    > -f testuser.ldif
    SASL/GSSAPI authentication started
    SASL username: ldapadmin@PLAINJOE.ORG
    SASL SSF: 56
    SASL installing layers
    adding new entry "cn=test user,ou=people,dc=plainjoe,dc=org"

    $ klist
    Ticket cache: FILE:/tmp/krb5cc_780
    Default principal: ldapadmin@PLAINJOE.ORG

    Valid starting     Expires            Service principal
    11/28/02 19:20:15  11/29/02 05:20:15  krbtgt/PLAINJOE.ORG@PLAINJOE.ORG
    11/28/02 19:23:34  11/29/02 05:20:15  ldap/garion.plainjoe.org@PLAINJOE.ORG

If the server does not support the particular mechanism needed, GSSAPI in this case, authentication will fail. The -Y option can be used to specify an SASL authentication mechanism rather than letting the client and server attempt to negotiate a valid type that is supported by both. As seen earlier, the client can obtain a list of the mechanisms that the server supports by querying the server's rootDSE and viewing the values of the supportedSASLMechanisms attribute.

After becoming familiar with SASL user IDs, you can incorporate them into the ACLs defined in slapd.conf. Following the rule that an SASL ID can be used anywhere a DN is used to represent an authenticated user, SASL IDs can follow the by keyword in an ACL definition. For example, the following definition allows the Kerberos principal jerry to edit the mail attribute for all users in the people organizational unit:

    access to dn=".*,ou=people,dc=plainjoe,dc=org" attrs=mail
        by "uid=jerry,cn=gssapi,cn=auth" write

* * *

[2] More information on generating keytab files can be found on the kadmin(8) manpage.

Part II. Application Integration

Chapter 6, Chapter 7, Chapter 8, Chapter 9, Chapter 10

Chapter 6. Replacing NIS

One of LDAP's chief advantages is its ability to consolidate multiple directory services into one. This chapter examines the pros and cons of using LDAP as a replacement for Sun's Network Information Service (NIS). NIS is used primarily by Unix clients to centralize management of user information and passwords, hostnames and IP addresses, automount maps (files that control the mounting of remote filesystems), and other administrative information. NIS clients for other operating systems, such as Windows NT 4.
