[Date Prev][Date Next]
Re: setting up LDAP question
tir, 2002-11-05 kl. 23:09 skrev richard lucassen:
> - use LDAP for internal use
> - use LDAP for an addressbook
> - use LDAP for user auth
> - use LDAP for different other future databases
> - use my own objectclasses. I have an IANA number (22.214.171.124.4.1.10624).
> It works, but I'd like to know if I'm on the right way when I organize
> things like this:
> | |\__cn=unixgroup (top,posixGroup,groupOfUniqueNames)
> | |\__uid=user1 (top,posixAccount,shadowAccount)
> | |\__uid=user2
> | \__uid=user3
> | |\__cn=address1 (naw [local.schema])
> | |\__cn=address2
> | |\__cn=address3
> | \__cn=address4
> | |\__cn=entry1 (another-objectclass [local.schema])
> I have a local.schema, a slapd.conf (a RedHat version) and an ldif dump:
> It is an rpm install of openldap-2.0.23-4 on RedHat-7.3.
> Comments are really appreciated. I'm an LDAP newbie. Please do not talk
> 5-year-LDAP-experience-language to me ;-) I just want to set up an LDAP
> server that is properly configured.
I basically have exactly what you've sketched out above. However, I'm
running 2.1.8 on Red Hat 7.2 with BDB 4.1 DB libs and as Mike says,
you'll find schema objectClass clashes later when you update to 2.1.
Almost all of my address book and local users have:
(taken from a 2.1 LDIF).
evolutionPerson would correspond to your own IANA-granted schema.
Whatever you do, get hold of GQ (jump from www.biot.com) and compile/use
that plus a tail -f on slapd.log to help resolve conflicts. You can
modify the GQ configure to do things you won't be able to "out of the
Could have been Henrik Ibsen's, Ole Bull's,
Henrik Wergelands's, Camilla Collet's and more's
last words, but weren't: «Fanden helder, helder
det at have sadset og at have tabt, end det at
ikke have sadset i det hele taget.»