[nflug] openLDAP cheats

eric eric at bootz.us
Fri Dec 22 09:23:46 EST 2006


I have a G4 waiting to be utilized, I think I'll do the FC6 ppc thing.
So many servers and me without breaks...

Darin Perusich wrote:

>i don't think you're going to be able to YUM it, it can be downloaded at
>http://directory.fedora.redhat.com/wiki/Download for FC 4,5,6 RHEL 3,4.
>
>you can always download the source and build it from scratch if you're
>so inclined.
>
>eric wrote:
>  
>
>>it's been soooo long since I used fedora,
>>how do I use yum to get Fedora DS for Fedora 3 release?
>>Thanks, eric
>>
>>
>>Dennis Ruzeski wrote:
>>
>>    
>>
>>>Fedora DS is much nicer (both in terms of setup, administration, and
>>>performance) compared to OpenLDAP (Which I will personally never use
>>>again).
>>>
>>>
>>>
>>>On 12/20/06, * Darin Perusich* <Darin.Perusich at cognigencorp.com
>>><mailto:Darin.Perusich at cognigencorp.com>> wrote:
>>>
>>>    fedora DS will build on any unix, i'm sure there are packages
>>>    available
>>>    for fedora server.
>>>
>>>    why DS? reliability, scalability, performance, excellent management
>>>    utilities, ACL's are easily implemented, all the current schema's
>>>    required for unix/linux clients are in place.
>>>
>>>    don't get me wrong i think openldap is a fine implementation and i use
>>>    it, it's just not here :)
>>>
>>>    eric wrote:
>>>    > I have a fedora 3 server do you know if it is Fedora DS capable?
>>>    > Why do you recommend DS over openLDAP is it more reliable... etc...
>>>    > Thank you
>>>    >
>>>    > Darin Perusich wrote:
>>>    >
>>>    >> yes it is still possible, i was just throwing out an example
>>>    which would
>>>    >> work in most business environments.
>>>    >>
>>>    >> it would basically work in the same fashion but you'd have to
>>>    configure
>>>    >> samba so SECURITY = USER and still configure the server at the
>>>    OS level
>>>    >> as an ldap client.
>>>    >>
>>>    >> you have many options for which ldap implementation you wish to
>>>    run,
>>>    >> openLDAP, Sun DS, eDirectory, Fedora DS. while openLDAP comes
>>>    with every
>>>    >> linux distro i recommend Sun DS and then Fedora DS which
>>>    origionated
>>>    >>from SunDS when it was netscape/iplanet DS.
>>>    >> this is the best resource for setting up ldap/DS for client auth on
>>>    >> linux and solaris. i've been using these howto's for along time
>>>    and i've
>>>    >> contributed to them.
>>>    >>
>>>    >> http://web.singnet.com.sg/~garyttt/
>>>    <http://web.singnet.com.sg/%7Egaryttt/>
>>>    >>
>>>    >> Should you decide to go with SunDS or not this read is very
>>>    informative.
>>>    >>
>>>    >> http://www.thebergerbits.com/Beginners_Guide_to_SunONE_DS.pdf
>>>    >>
>>>    >> eric wrote:
>>>    >>
>>>    >>
>>>    >>> Darin, I don't want to use a windows AD server, don't have one
>>>    - don't
>>>    >>> want one, is it still possible to do
>>>    >>>
>>>    >>>       ldap
>>>    >>>        /\
>>>    >>>        /  \
>>>    >>>       /    \
>>>    >>>      -      -
>>>    >>> desktop       samba
>>>    >>>
>>>    >>>
>>>    >>>
>>>    >>> Darin Perusich wrote:
>>>    >>>
>>>    >>>
>>>    >>>
>>>    >>>> eric wrote:
>>>    >>>>
>>>    >>>>
>>>    >>>>
>>>    >>>>
>>>    >>>>> So, my beginning question is, can an (LDAP) client on a
>>>    desktop use an
>>>    >>>>> LDAP server to logon another server serving samba 'user' shares?
>>>    >>>>>
>>>    >>>>>
>>>    >>>>>
>>>    >>>>>
>>>    >>>> the simple answer is yes, but there are many ways to
>>>    implement this.the
>>>    >>>> only thing samba cares about is that the username you're
>>>    trying to
>>>    >>>> connect as is a valid unix account as well.
>>>    >>>>
>>>    >>>> one way to set this up would you to setup an windows Active
>>>    Directory
>>>    >>>> domain (yuck) and join the samba server to it as a member
>>>    server. then
>>>    >>>> set the samba option 'password server' to the AD controller.
>>>    configure
>>>    >>>> the samba server at the OS level to be an ldap client against
>>>    the AD
>>>    >>>> controller. samba has a bunch of ldap options which you could
>>>    use but
>>>    >>>> i've never played with them before.
>>>    >>>>
>>>    >>>>
>>>    >>>>
>>>    >>>>
>>>    >>>>
>>>    >>>>> Computer --> LDAP server --> Samba server
>>>    >>>>>
>>>    >>>>>
>>>    >>>>>
>>>    >>>>>
>>>    >>>>>
>>>    >>>>    ldap
>>>    >>>>     /\
>>>    >>>>       /  \
>>>    >>>>      /    \
>>>    >>>>     -      -
>>>    >>>> desktop       samba
>>>    >>>>
>>>    >>>>
>>>    >>>>
>>>    >>>>
>>>    >>>>
>>>    >>> _______________________________________________
>>>    >>> nflug mailing list
>>>    >>> nflug at nflug.org <mailto:nflug at nflug.org>
>>>    >>> http://www.nflug.org/mailman/listinfo/nflug
>>>    >>>
>>>    >>>
>>>    >>
>>>    >>
>>>    >
>>>    > _______________________________________________
>>>    > nflug mailing list
>>>    > nflug at nflug.org <mailto:nflug at nflug.org>
>>>    > http://www.nflug.org/mailman/listinfo/nflug
>>>
>>>    --
>>>    Darin Perusich
>>>    Unix Systems Administrator
>>>    Cognigen Corporation
>>>    395 Youngs Rd.
>>>    Williamsville, NY 14221
>>>    Phone: 716-633-3463
>>>    Email: darinper at cognigencorp.com <mailto:darinper at cognigencorp.com>
>>>    _______________________________________________
>>>    nflug mailing list
>>>    nflug at nflug.org <mailto:nflug at nflug.org>
>>>    http://www.nflug.org/mailman/listinfo/nflug
>>>
>>>
>>>------------------------------------------------------------------------
>>>
>>>_______________________________________________
>>>nflug mailing list
>>>nflug at nflug.org
>>>http://www.nflug.org/mailman/listinfo/nflug
>>> 
>>>
>>>      
>>>
>>_______________________________________________
>>nflug mailing list
>>nflug at nflug.org
>>http://www.nflug.org/mailman/listinfo/nflug
>>    
>>
>
>  
>

_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug



More information about the nflug mailing list