[nflug] openLDAP cheats
Darin Perusich
Darin.Perusich at cognigencorp.com
Fri Dec 22 08:45:14 EST 2006
i don't think you're going to be able to YUM it, it can be downloaded at
http://directory.fedora.redhat.com/wiki/Download for FC 4,5,6 RHEL 3,4.
you can always download the source and build it from scratch if you're
so inclined.
eric wrote:
> it's been soooo long since I used fedora,
> how do I use yum to get Fedora DS for Fedora 3 release?
> Thanks, eric
>
>
> Dennis Ruzeski wrote:
>
>> Fedora DS is much nicer (both in terms of setup, administration, and
>> performance) compared to OpenLDAP (Which I will personally never use
>> again).
>>
>>
>>
>> On 12/20/06, * Darin Perusich* <Darin.Perusich at cognigencorp.com
>> <mailto:Darin.Perusich at cognigencorp.com>> wrote:
>>
>> fedora DS will build on any unix, i'm sure there are packages
>> available
>> for fedora server.
>>
>> why DS? reliability, scalability, performance, excellent management
>> utilities, ACL's are easily implemented, all the current schema's
>> required for unix/linux clients are in place.
>>
>> don't get me wrong i think openldap is a fine implementation and i use
>> it, it's just not here :)
>>
>> eric wrote:
>> > I have a fedora 3 server do you know if it is Fedora DS capable?
>> > Why do you recommend DS over openLDAP is it more reliable... etc...
>> > Thank you
>> >
>> > Darin Perusich wrote:
>> >
>> >> yes it is still possible, i was just throwing out an example
>> which would
>> >> work in most business environments.
>> >>
>> >> it would basically work in the same fashion but you'd have to
>> configure
>> >> samba so SECURITY = USER and still configure the server at the
>> OS level
>> >> as an ldap client.
>> >>
>> >> you have many options for which ldap implementation you wish to
>> run,
>> >> openLDAP, Sun DS, eDirectory, Fedora DS. while openLDAP comes
>> with every
>> >> linux distro i recommend Sun DS and then Fedora DS which
>> origionated
>> >>from SunDS when it was netscape/iplanet DS.
>> >> this is the best resource for setting up ldap/DS for client auth on
>> >> linux and solaris. i've been using these howto's for along time
>> and i've
>> >> contributed to them.
>> >>
>> >> http://web.singnet.com.sg/~garyttt/
>> <http://web.singnet.com.sg/%7Egaryttt/>
>> >>
>> >> Should you decide to go with SunDS or not this read is very
>> informative.
>> >>
>> >> http://www.thebergerbits.com/Beginners_Guide_to_SunONE_DS.pdf
>> >>
>> >> eric wrote:
>> >>
>> >>
>> >>> Darin, I don't want to use a windows AD server, don't have one
>> - don't
>> >>> want one, is it still possible to do
>> >>>
>> >>> ldap
>> >>> /\
>> >>> / \
>> >>> / \
>> >>> - -
>> >>> desktop samba
>> >>>
>> >>>
>> >>>
>> >>> Darin Perusich wrote:
>> >>>
>> >>>
>> >>>
>> >>>> eric wrote:
>> >>>>
>> >>>>
>> >>>>
>> >>>>
>> >>>>> So, my beginning question is, can an (LDAP) client on a
>> desktop use an
>> >>>>> LDAP server to logon another server serving samba 'user' shares?
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>> the simple answer is yes, but there are many ways to
>> implement this.the
>> >>>> only thing samba cares about is that the username you're
>> trying to
>> >>>> connect as is a valid unix account as well.
>> >>>>
>> >>>> one way to set this up would you to setup an windows Active
>> Directory
>> >>>> domain (yuck) and join the samba server to it as a member
>> server. then
>> >>>> set the samba option 'password server' to the AD controller.
>> configure
>> >>>> the samba server at the OS level to be an ldap client against
>> the AD
>> >>>> controller. samba has a bunch of ldap options which you could
>> use but
>> >>>> i've never played with them before.
>> >>>>
>> >>>>
>> >>>>
>> >>>>
>> >>>>
>> >>>>> Computer --> LDAP server --> Samba server
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>> ldap
>> >>>> /\
>> >>>> / \
>> >>>> / \
>> >>>> - -
>> >>>> desktop samba
>> >>>>
>> >>>>
>> >>>>
>> >>>>
>> >>>>
>> >>> _______________________________________________
>> >>> nflug mailing list
>> >>> nflug at nflug.org <mailto:nflug at nflug.org>
>> >>> http://www.nflug.org/mailman/listinfo/nflug
>> >>>
>> >>>
>> >>
>> >>
>> >
>> > _______________________________________________
>> > nflug mailing list
>> > nflug at nflug.org <mailto:nflug at nflug.org>
>> > http://www.nflug.org/mailman/listinfo/nflug
>>
>> --
>> Darin Perusich
>> Unix Systems Administrator
>> Cognigen Corporation
>> 395 Youngs Rd.
>> Williamsville, NY 14221
>> Phone: 716-633-3463
>> Email: darinper at cognigencorp.com <mailto:darinper at cognigencorp.com>
>> _______________________________________________
>> nflug mailing list
>> nflug at nflug.org <mailto:nflug at nflug.org>
>> http://www.nflug.org/mailman/listinfo/nflug
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> nflug mailing list
>> nflug at nflug.org
>> http://www.nflug.org/mailman/listinfo/nflug
>>
>>
>
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
--
Darin Perusich
Unix Systems Administrator
Cognigen Corporation
395 Youngs Rd.
Williamsville, NY 14221
Phone: 716-633-3463
Email: darinper at cognigencorp.com
_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug
More information about the nflug
mailing list