[Date Prev][Date Next]
Re: setting up openldap for day-to-day admin
At 06:39 PM 5/6/2004, Maxwell Bottiger wrote:
> I'm having a bit of trouble wrapping my brain around the steps
>needed to make a pretty simple setup of OpenLDAP work for me. I was
>able to use ldapadd to put a bunch of users into my database, then set
>up nsswitch.conf to allow ldap to emulate NIS. I can't tell you how
>happy I am to be rid of NIS, OpenLDAP has been awesome to me.
I note that you should direct a major portion of your acclaim to
the fine folks at PADL who development and maintain the key LDAP
applications which make that possible, such as pam_ldap and nss_ldap.
Of course, you could have choose any other LDAP server to work with
these applications, I'm pleased you were you are happy with OpenLDAP.
>So, I think that I need to do 2 things. First, I
>need ldap to recognize users for who they are, not anonymous.
How to configure the pam_ldap and nss_ldap applications to
authenticate is a question you should take to the appropriate
PADL mailing list, <firstname.lastname@example.org> or <email@example.com>,
>I'd like to set myself up as the ldap admin, so that I can easily edit
>things like users and passwords and phone numbers (instead of always
>having to specify "cn=ldapadmin,dc=modsim,dc=lab") Where do I start?
For OpenLDAP clients, you can set BINDDN. See OpenLDAP's ldap.conf(5)
for details. For other clients, see their documentation.