Re: General LDAP/OpenLDap Questions



"Brian J. Burke" wrote:
> 
> Greetings,
> 
> I have been tasked with setting up an LDAP server
> as a company-wide address book and source of authentication.
> Currently, I am testing the OpenLDAP server.  The two major
> problems I am running into are:
> 
> 1) Documentation
> 2) Client side administration/data entry
> 
> I have been looking over a number of resources available
> over the net and piecing together what needs to be done.
> I've referenced the documentation for OpenLDAP, IBM's
> Understanding LDAP redbook, various snippets of documentation
> for pam_ldap, samba's ldap authentication, various RFCs
> pertaining to LDAP and its use for storing system info,
> authentication info, et cetera.
> 
> I believe I have a pretty good picture of how things work,
> and a pretty solid understanding of LDAP in general.  What
> I'm looking for is something to glue all of this together.
> I've seen sample LDIF files packed with the Samba and
> Pam_ldap docs that outline some of the attributes needed
> to implement those systems, and browsed over the schema
> viewer pointed to via the OpenLDAP FaqOMatic.  However,
> I was hoping there might be a few kind souls who have
> established or are working to establish, something
> similar, and are willing to share their experience.
> 
> In particular, I'd like to take a peek at attribute,
> objectclass, and ACL setups under OpenLdap.  Especially
> those implementing supporting objectclasses for Pam_Ldap
> and Samba's LDAP authentication.  I've been browsing most
> of the major LDAP sites, but haven't been able to digest
> 100% of it yet.  If someone has a URL to a HOWTO or something
> similar, that would be especially keen.
> 
> Ideally, an administrative type would be able to handle the
> data entry and maintenance of the info contained in OpenLdap.
> However, the options I have explored so far (mostly opensource)
> have not been easy or robust enough for practical implementation.
> I've checked the various client listings from the OpenLdap and U o M
> LDAP pages, GQ, KLDap, and two of the web gateways out there.
> Unfortunately, customizing or designing our own solution is
> not within the realm of possibility at the moment, so I'm looking
> for something that's already been done.  Any suggestions, commercial
> or otherwise?
> 
> From looking over Netscape's server, it looks like there are some decent
> administrative tools.  I'm currently researching Netscape's server
> for this reason (both for content management, and administering the
> server and its replicas).
> 
> Any pointers at all would be greatly appreciated, thanks for your time!:>

FYI, you can browse the Netscape documentation here:

    http://home.netscape.com/eng/server/directory/4.0/

Of course much of it is specific to our product, but parts of it are not
so much -- such as our Deployment Guide.  Our documentation doesn't yet
include much (if any) information about Pam_Ldap or SAMBA integration
though.  We do have a lot of information on access control, but our ACL
scheme is much different than OpenLDAP's.

--
Mark Smith
Directory Architect / Netscape Communications Corp.
My words are my own, not my employer's.  Got LDAP?