[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: What exactly does "backend" mean?

Loosely, a backend is what really stores your data. It could be a language binding, eg. back-shell, back-tcl, back-perl or an actual datastore eg. back-sql ( SQL database ), back-passwd ( /etc/passwd ).

You could use back-sql to access information stored in SQL databases.

As for the win2k auth off OpenLDAP. You can run a SAMBA PDC and the SAMBA head stuff :) . You can also install a ldap GINA eg. pGINA http://pgina.cs.plu.edu/ .

It's actually much easier to go the other way round, ie. authenticate UNIX boxes off Win2k ( so much for working well with others :) . Then you can use Samba's winbind or active directory schema extensions. Winbind has it's own set of issues though.

I use OpenLDAP with the perl backend on Win2k to keep the two databases in sync, instead of having one authenticate against the other. User adds are replicated to the Win2k OpenLDAP which use perl to add the users to active directory. Passwords are sync'ed to Win2k using replication and password changes are exported to OpenLDAP by way of a DLL. Works well, but the UNIX 'passwd' program had to be replaced by a perl script. I kept some info on the project at http://acctsync.sourceforge.net/


Jim C wrote:
OK, so I've configured an OpenLDAP server and 3 clients. I've seen references to useing different "backends". This would seem to imply that one could first install an LDAP server and use, for example, MySQL as a backend
then, fire up MySQL and do SQL based searches on the database. If this is correct, it would be most useful.

Also can anyone point me at a good tutorial for authenticateing Win2K and WinXP clients off of OpenLDAP?
Can this even be done? My research to date suggests that it cannot. Toss me a bone here. ;)