
Re: setting up LDAP question



Tue, 2002-11-05 at 23:09, richard lucassen wrote:

> - use LDAP for internal use
> - use LDAP for an addressbook
> - use LDAP for user auth
> - use LDAP for different other future databases
> - use my own objectclasses. I have an IANA number (1.3.6.1.4.1.10624).
> 
> It works, but I'd like to know if I'm on the right way when I organize 
> things like this:
> 
> dc=lucassen,dc=org
> |\__ou=users
> |   |\__cn=unixgroup (top,posixGroup,groupOfUniqueNames)
> |   |\__uid=user1 (top,posixAccount,shadowAccount)
> |   |\__uid=user2
> |    \__uid=user3
> |
> |\__ou=addressbook
> |   |\__cn=address1 (naw [local.schema])
> |   |\__cn=address2
> |   |\__cn=address3
> |    \__cn=address4
> |
> |\__ou=other-database
> |   |\__cn=entry1 (another-objectclass [local.schema])
> 
> I have a local.schema, a slapd.conf (a RedHat version) and an ldif dump:
> 
> http://tech1.cam.nl/docs/ldap/local.schema
> http://tech1.cam.nl/docs/ldap/test2.ldif
> http://tech1.cam.nl/docs/ldap/slapd.conf
> 
> It is an rpm install of openldap-2.0.23-4 on RedHat-7.3.
> 
> Comments are really appreciated. I'm an LDAP newbie. Please do not talk 
> 5-year-LDAP-experience-language to me ;-) I just want to set up an LDAP 
> server that is properly configured.

I basically have exactly what you've sketched out above. However, I'm
running 2.1.8 on Red Hat 7.2 with BDB 4.1 DB libs and as Mike says,
you'll find schema objectClass clashes later when you update to 2.1.

Almost all of my address book and local users have:

objectClass: top
objectClass: person
objectClass: evolutionPerson
objectClass: organizationalPerson
objectClass: inetOrgPerson
structuralObjectClass: evolutionPerson

(taken from a 2.1 LDIF).

evolutionPerson would correspond to your own IANA-granted schema.

Whatever you do, get hold of GQ (jump from www.biot.com) and compile/use
that plus a tail -f on slapd.log to help resolve conflicts. You can
modify the GQ configure to do things you won't be able to "out of the
box."

Best,

Tony

-- 

Tony Earnshaw

Could have been Henrik Ibsen's, Ole Bull's,
Henrik Wergeland's, Camilla Collett's and more's
last words, but weren't: «Damn it, better to
have staked and lost than not to have staked
at all.»

e-mail:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl
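
Added example (not part of the message above, and not code from either poster): OpenLDAP 2.1 enforces that each entry has a single chain of structural object classes, which is the kind of clash the reply warns about when moving from 2.0. The sketch checks the objectClass lists shown in this thread; the class table is an assumption taken from RFC 2256, RFC 2798, RFC 2307 and Evolution's schema, and `structural_check` and the entry names are hypothetical.

```python
# Kind and superior of each class. Assumed from RFC 2256, RFC 2798, RFC 2307
# and Evolution's schema. "naw" from local.schema is left out on purpose: its
# definition is not shown in the thread. Name matching here is case-sensitive.
SCHEMA = {
    "top": ("abstract", None),
    "person": ("structural", "top"),
    "organizationalPerson": ("structural", "person"),
    "inetOrgPerson": ("structural", "organizationalPerson"),
    "evolutionPerson": ("structural", "inetOrgPerson"),
    "groupOfUniqueNames": ("structural", "top"),
    "posixGroup": ("structural", "top"),      # structural in RFC 2307
    "posixAccount": ("auxiliary", "top"),
    "shadowAccount": ("auxiliary", "top"),
}

def ancestors(name):
    """Return the class followed by its superiors, up to 'top'."""
    chain = []
    while name is not None:
        chain.append(name)
        name = SCHEMA[name][1]
    return chain

def structural_check(object_classes):
    """Return (structuralObjectClass, None) or (None, description of the clash)."""
    unknown = [c for c in object_classes if c not in SCHEMA]
    if unknown:
        return None, "unknown class(es): " + ", ".join(unknown)
    structural = [c for c in object_classes if SCHEMA[c][0] == "structural"]
    if not structural:
        return None, "no structural object class"
    # The most derived structural class must have every other one as a superior.
    leaf = max(structural, key=lambda c: len(ancestors(c)))
    stray = [c for c in structural if c not in ancestors(leaf)]
    if stray:
        return None, "structural classes not in one chain: " + ", ".join(sorted([leaf] + stray))
    return leaf, None

# objectClass lists copied from the tree and the LDIF excerpt in the thread;
# the entry names are constructed labels.
ENTRIES = {
    "uid=user1": ["top", "posixAccount", "shadowAccount"],
    "cn=unixgroup": ["top", "posixGroup", "groupOfUniqueNames"],
    "reply-ldif": ["top", "person", "evolutionPerson",
                   "organizationalPerson", "inetOrgPerson"],
}

if __name__ == "__main__":
    for name, classes in ENTRIES.items():
        print(name, structural_check(classes))
```

The first two entries from the proposed tree are flagged, while the reply's list resolves to `evolutionPerson`, matching the `structuralObjectClass` line in the quoted 2.1 LDIF.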