[nflug] openLDAP cheats

Dennis Ruzeski denniruz at gmail.com
Wed Dec 20 15:20:57 EST 2006 

Fedora DS is much nicer (both in terms of setup, administration, and
performance) compared to OpenLDAP (Which I will personally never use again).



On 12/20/06, Darin Perusich <Darin.Perusich at cognigencorp.com> wrote:
>
> fedora DS will build on any unix, i'm sure there are packages available
> for fedora server.
>
> why DS? reliability, scalability, performance, excellent management
> utilities, ACL's are easily implemented, all the current schema's
> required for unix/linux clients are in place.
>
> don't get me wrong i think openldap is a fine implementation and i use
> it, it's just not here :)
>
> eric wrote:
> > I have a fedora 3 server do you know if it is Fedora DS capable?
> > Why do you recommend DS over openLDAP is it more reliable... etc...
> > Thank you
> >
> > Darin Perusich wrote:
> >
> >> yes it is still possible, i was just throwing out an example which
> would
> >> work in most business environments.
> >>
> >> it would basically work in the same fashion but you'd have to configure
> >> samba so SECURITY = USER and still configure the server at the OS level
> >> as an ldap client.
> >>
> >> you have many options for which ldap implementation you wish to run,
> >> openLDAP, Sun DS, eDirectory, Fedora DS. while openLDAP comes with
> every
> >> linux distro i recommend Sun DS and then Fedora DS which origionated
> >>from SunDS when it was netscape/iplanet DS.
> >> this is the best resource for setting up ldap/DS for client auth on
> >> linux and solaris. i've been using these howto's for along time and
> i've
> >> contributed to them.
> >>
> >> http://web.singnet.com.sg/~garyttt/
> >>
> >> Should you decide to go with SunDS or not this read is very
> informative.
> >>
> >> http://www.thebergerbits.com/Beginners_Guide_to_SunONE_DS.pdf
> >>
> >> eric wrote:
> >>
> >>
> >>> Darin, I don't want to use a windows AD server, don't have one - don't
> >>> want one, is it still possible to do
> >>>
> >>>       ldap
> >>>        /\
> >>>        /  \
> >>>       /    \
> >>>      -      -
> >>> desktop       samba
> >>>
> >>>
> >>>
> >>> Darin Perusich wrote:
> >>>
> >>>
> >>>
> >>>> eric wrote:
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>> So, my beginning question is, can an (LDAP) client on a desktop use
> an
> >>>>> LDAP server to logon another server serving samba 'user' shares?
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>> the simple answer is yes, but there are many ways to implement
> this.the
> >>>> only thing samba cares about is that the username you're trying to
> >>>> connect as is a valid unix account as well.
> >>>>
> >>>> one way to set this up would you to setup an windows Active Directory
> >>>> domain (yuck) and join the samba server to it as a member server.
> then
> >>>> set the samba option 'password server' to the AD controller.
> configure
> >>>> the samba server at the OS level to be an ldap client against the AD
> >>>> controller. samba has a bunch of ldap options which you could use but
> >>>> i've never played with them before.
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>> Computer --> LDAP server --> Samba server
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>    ldap
> >>>>     /\
> >>>>       /  \
> >>>>      /    \
> >>>>     -      -
> >>>> desktop       samba
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>> _______________________________________________
> >>> nflug mailing list
> >>> nflug at nflug.org
> >>> http://www.nflug.org/mailman/listinfo/nflug
> >>>
> >>>
> >>
> >>
> >
> > _______________________________________________
> > nflug mailing list
> > nflug at nflug.org
> > http://www.nflug.org/mailman/listinfo/nflug
>
> --
> Darin Perusich
> Unix Systems Administrator
> Cognigen Corporation
> 395 Youngs Rd.
> Williamsville, NY 14221
> Phone: 716-633-3463
> Email: darinper at cognigencorp.com
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.nflug.org/pipermail/nflug/attachments/20070525/21c0ed94/attachment.html
-------------- next part --------------
_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug

More information about the nflug mailing list