[nflug] openLDAP cheats

Darin Perusich Darin.Perusich at cognigencorp.com
Fri Dec 22 08:45:14 EST 2006


i don't think you're going to be able to YUM it, it can be downloaded at
http://directory.fedora.redhat.com/wiki/Download for FC 4,5,6 RHEL 3,4.

you can always download the source and build it from scratch if you're
so inclined.

eric wrote:
> it's been soooo long since I used fedora,
> how do I use yum to get Fedora DS for Fedora 3 release?
> Thanks, eric
> 
> 
> Dennis Ruzeski wrote:
> 
>> Fedora DS is much nicer (both in terms of setup, administration, and
>> performance) compared to OpenLDAP (Which I will personally never use
>> again).
>>
>>
>>
>> On 12/20/06, * Darin Perusich* <Darin.Perusich at cognigencorp.com
>> <mailto:Darin.Perusich at cognigencorp.com>> wrote:
>>
>>     fedora DS will build on any unix, i'm sure there are packages
>>     available
>>     for fedora server.
>>
>>     why DS? reliability, scalability, performance, excellent management
>>     utilities, ACL's are easily implemented, all the current schema's
>>     required for unix/linux clients are in place.
>>
>>     don't get me wrong i think openldap is a fine implementation and i use
>>     it, it's just not here :)
>>
>>     eric wrote:
>>     > I have a fedora 3 server do you know if it is Fedora DS capable?
>>     > Why do you recommend DS over openLDAP is it more reliable... etc...
>>     > Thank you
>>     >
>>     > Darin Perusich wrote:
>>     >
>>     >> yes it is still possible, i was just throwing out an example
>>     which would
>>     >> work in most business environments.
>>     >>
>>     >> it would basically work in the same fashion but you'd have to
>>     configure
>>     >> samba so SECURITY = USER and still configure the server at the
>>     OS level
>>     >> as an ldap client.
>>     >>
>>     >> you have many options for which ldap implementation you wish to
>>     run,
>>     >> openLDAP, Sun DS, eDirectory, Fedora DS. while openLDAP comes
>>     with every
>>     >> linux distro i recommend Sun DS and then Fedora DS which
>>     origionated
>>     >>from SunDS when it was netscape/iplanet DS.
>>     >> this is the best resource for setting up ldap/DS for client auth on
>>     >> linux and solaris. i've been using these howto's for along time
>>     and i've
>>     >> contributed to them.
>>     >>
>>     >> http://web.singnet.com.sg/~garyttt/
>>     <http://web.singnet.com.sg/%7Egaryttt/>
>>     >>
>>     >> Should you decide to go with SunDS or not this read is very
>>     informative.
>>     >>
>>     >> http://www.thebergerbits.com/Beginners_Guide_to_SunONE_DS.pdf
>>     >>
>>     >> eric wrote:
>>     >>
>>     >>
>>     >>> Darin, I don't want to use a windows AD server, don't have one
>>     - don't
>>     >>> want one, is it still possible to do
>>     >>>
>>     >>>       ldap
>>     >>>        /\
>>     >>>        /  \
>>     >>>       /    \
>>     >>>      -      -
>>     >>> desktop       samba
>>     >>>
>>     >>>
>>     >>>
>>     >>> Darin Perusich wrote:
>>     >>>
>>     >>>
>>     >>>
>>     >>>> eric wrote:
>>     >>>>
>>     >>>>
>>     >>>>
>>     >>>>
>>     >>>>> So, my beginning question is, can an (LDAP) client on a
>>     desktop use an
>>     >>>>> LDAP server to logon another server serving samba 'user' shares?
>>     >>>>>
>>     >>>>>
>>     >>>>>
>>     >>>>>
>>     >>>> the simple answer is yes, but there are many ways to
>>     implement this.the
>>     >>>> only thing samba cares about is that the username you're
>>     trying to
>>     >>>> connect as is a valid unix account as well.
>>     >>>>
>>     >>>> one way to set this up would you to setup an windows Active
>>     Directory
>>     >>>> domain (yuck) and join the samba server to it as a member
>>     server. then
>>     >>>> set the samba option 'password server' to the AD controller.
>>     configure
>>     >>>> the samba server at the OS level to be an ldap client against
>>     the AD
>>     >>>> controller. samba has a bunch of ldap options which you could
>>     use but
>>     >>>> i've never played with them before.
>>     >>>>
>>     >>>>
>>     >>>>
>>     >>>>
>>     >>>>
>>     >>>>> Computer --> LDAP server --> Samba server
>>     >>>>>
>>     >>>>>
>>     >>>>>
>>     >>>>>
>>     >>>>>
>>     >>>>    ldap
>>     >>>>     /\
>>     >>>>       /  \
>>     >>>>      /    \
>>     >>>>     -      -
>>     >>>> desktop       samba
>>     >>>>
>>     >>>>
>>     >>>>
>>     >>>>
>>     >>>>
>>     >>> _______________________________________________
>>     >>> nflug mailing list
>>     >>> nflug at nflug.org <mailto:nflug at nflug.org>
>>     >>> http://www.nflug.org/mailman/listinfo/nflug
>>     >>>
>>     >>>
>>     >>
>>     >>
>>     >
>>     > _______________________________________________
>>     > nflug mailing list
>>     > nflug at nflug.org <mailto:nflug at nflug.org>
>>     > http://www.nflug.org/mailman/listinfo/nflug
>>
>>     --
>>     Darin Perusich
>>     Unix Systems Administrator
>>     Cognigen Corporation
>>     395 Youngs Rd.
>>     Williamsville, NY 14221
>>     Phone: 716-633-3463
>>     Email: darinper at cognigencorp.com <mailto:darinper at cognigencorp.com>
>>     _______________________________________________
>>     nflug mailing list
>>     nflug at nflug.org <mailto:nflug at nflug.org>
>>     http://www.nflug.org/mailman/listinfo/nflug
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> nflug mailing list
>> nflug at nflug.org
>> http://www.nflug.org/mailman/listinfo/nflug
>>  
>>
> 
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug

-- 
Darin Perusich
Unix Systems Administrator
Cognigen Corporation
395 Youngs Rd.
Williamsville, NY 14221
Phone: 716-633-3463
Email: darinper at cognigencorp.com
_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug



More information about the nflug mailing list