[nflug] openLDAP cheats

eric eric at bootz.us
Fri Dec 22 08:05:09 EST 2006 

it's been soooo long since I used fedora,
how do I use yum to get Fedora DS for Fedora 3 release?
Thanks, eric


Dennis Ruzeski wrote:

> Fedora DS is much nicer (both in terms of setup, administration, and
> performance) compared to OpenLDAP (Which I will personally never use
> again).
>
>
>
> On 12/20/06, * Darin Perusich* <Darin.Perusich at cognigencorp.com
> <mailto:Darin.Perusich at cognigencorp.com>> wrote:
>
>     fedora DS will build on any unix, i'm sure there are packages
>     available
>     for fedora server.
>
>     why DS? reliability, scalability, performance, excellent management
>     utilities, ACL's are easily implemented, all the current schema's
>     required for unix/linux clients are in place.
>
>     don't get me wrong i think openldap is a fine implementation and i use
>     it, it's just not here :)
>
>     eric wrote:
>     > I have a fedora 3 server do you know if it is Fedora DS capable?
>     > Why do you recommend DS over openLDAP is it more reliable... etc...
>     > Thank you
>     >
>     > Darin Perusich wrote:
>     >
>     >> yes it is still possible, i was just throwing out an example
>     which would
>     >> work in most business environments.
>     >>
>     >> it would basically work in the same fashion but you'd have to
>     configure
>     >> samba so SECURITY = USER and still configure the server at the
>     OS level
>     >> as an ldap client.
>     >>
>     >> you have many options for which ldap implementation you wish to
>     run,
>     >> openLDAP, Sun DS, eDirectory, Fedora DS. while openLDAP comes
>     with every
>     >> linux distro i recommend Sun DS and then Fedora DS which
>     origionated
>     >>from SunDS when it was netscape/iplanet DS.
>     >> this is the best resource for setting up ldap/DS for client auth on
>     >> linux and solaris. i've been using these howto's for along time
>     and i've
>     >> contributed to them.
>     >>
>     >> http://web.singnet.com.sg/~garyttt/
>     <http://web.singnet.com.sg/%7Egaryttt/>
>     >>
>     >> Should you decide to go with SunDS or not this read is very
>     informative.
>     >>
>     >> http://www.thebergerbits.com/Beginners_Guide_to_SunONE_DS.pdf
>     >>
>     >> eric wrote:
>     >>
>     >>
>     >>> Darin, I don't want to use a windows AD server, don't have one
>     - don't
>     >>> want one, is it still possible to do
>     >>>
>     >>>       ldap
>     >>>        /\
>     >>>        /  \
>     >>>       /    \
>     >>>      -      -
>     >>> desktop       samba
>     >>>
>     >>>
>     >>>
>     >>> Darin Perusich wrote:
>     >>>
>     >>>
>     >>>
>     >>>> eric wrote:
>     >>>>
>     >>>>
>     >>>>
>     >>>>
>     >>>>> So, my beginning question is, can an (LDAP) client on a
>     desktop use an
>     >>>>> LDAP server to logon another server serving samba 'user' shares?
>     >>>>>
>     >>>>>
>     >>>>>
>     >>>>>
>     >>>> the simple answer is yes, but there are many ways to
>     implement this.the
>     >>>> only thing samba cares about is that the username you're
>     trying to
>     >>>> connect as is a valid unix account as well.
>     >>>>
>     >>>> one way to set this up would you to setup an windows Active
>     Directory
>     >>>> domain (yuck) and join the samba server to it as a member
>     server. then
>     >>>> set the samba option 'password server' to the AD controller.
>     configure
>     >>>> the samba server at the OS level to be an ldap client against
>     the AD
>     >>>> controller. samba has a bunch of ldap options which you could
>     use but
>     >>>> i've never played with them before.
>     >>>>
>     >>>>
>     >>>>
>     >>>>
>     >>>>
>     >>>>> Computer --> LDAP server --> Samba server
>     >>>>>
>     >>>>>
>     >>>>>
>     >>>>>
>     >>>>>
>     >>>>    ldap
>     >>>>     /\
>     >>>>       /  \
>     >>>>      /    \
>     >>>>     -      -
>     >>>> desktop       samba
>     >>>>
>     >>>>
>     >>>>
>     >>>>
>     >>>>
>     >>> _______________________________________________
>     >>> nflug mailing list
>     >>> nflug at nflug.org <mailto:nflug at nflug.org>
>     >>> http://www.nflug.org/mailman/listinfo/nflug
>     >>>
>     >>>
>     >>
>     >>
>     >
>     > _______________________________________________
>     > nflug mailing list
>     > nflug at nflug.org <mailto:nflug at nflug.org>
>     > http://www.nflug.org/mailman/listinfo/nflug
>
>     --
>     Darin Perusich
>     Unix Systems Administrator
>     Cognigen Corporation
>     395 Youngs Rd.
>     Williamsville, NY 14221
>     Phone: 716-633-3463
>     Email: darinper at cognigencorp.com <mailto:darinper at cognigencorp.com>
>     _______________________________________________
>     nflug mailing list
>     nflug at nflug.org <mailto:nflug at nflug.org>
>     http://www.nflug.org/mailman/listinfo/nflug
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>nflug mailing list
>nflug at nflug.org
>http://www.nflug.org/mailman/listinfo/nflug
>  
>

_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug

More information about the nflug mailing list