From: "J. Roeleveld" <joost@antarean.org>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] LDAP server questions
Date: Wed, 19 Feb 2014 06:18:48 +0100 [thread overview]
Message-ID: <9be7a160-58dd-477a-b5d4-b641cb503d19@email.android.com> (raw)
In-Reply-To: <CAA2qdGXu7emw2JrxG0usbBJY-zSxXrvE_LO5xkcLu0keBA+4Sg@mail.gmail.com>
On 19 February 2014 05:11:12 CET, Pandu Poluan <pandu@poluan.info> wrote:
>On Feb 18, 2014 1:13 PM, "J. Roeleveld" <joost@antarean.org> wrote:
>>
>> On 18 February 2014 06:03:02 CET, Pandu Poluan <pandu@poluan.info>
>wrote:
>> >Hello list!
>> >
>> >I'm planning to replace an Active Directory server currently
>> >functioning
>> >*only* as an LDAP server, with a dedicated Linux-based LDAP server.
>> >
>> >Now, the function of the LDAP server is at the moment:
>> >* Provide the settings database for Axigen email server
>> >* Provide group membership for BlueCoat proxy (who allowed to access
>> >what)
>> >* Provide group membership for FreeRADIUS
>> >* Provide group membership for Fortinet VPN
>> >
>> >The day-to-day management will be handled be another division, and
>I'm
>> >quite sure that they prefer a GUI, so the solution really should
>have a
>> >GUI
>> >support (either Windows-based 'client' or web-based admin console).
>> >
>> >Apparently, there are now many implementations of LDAP in the *nix
>> >world,
>> >such as OpenLDAP, OpenDS, ApacheDS, and 389DS.
>> >
>> >Have any of you experiences with them? Which one do you think is the
>> >most
>> >mature and supported? And, quite importantly, which one has a GUI
>> >front-end?
>> >
>> >Rgds,
>> >--
>>
>> Openldap has a webbased gui: phpldapadmin.
>>
>> Both are in the tree.
>>
>> I use this myself for all the user accounts. Allowing me to only
>maintain
>a single repository for all the services and desktops.
>>
>> Not been able to get ms windows to authenticate against it though.
>But
>that requires further tools to be properly configured. (Think samba as
>a DC)
>>
>
>Interesting... thanks for the heads up!
>
>MS Windows authentication is not necessary, since this AD server is not
>used for that purpose...
>
>Rgds,
>--
If MS Windows is not necessary, then I can help with the config.
I got the following authenticating succesfully:
Linux accounts (PAM)
Apache
Egroupware
OpenKM
Samba
Squirrelmail and gallery authenticate against Apache
For these I can help you with the necessary config. For others we'll need to see what to configure where.
And backups are really easy with no downtime. (Export to LDIF)
--
Joost
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
prev parent reply other threads:[~2014-02-19 5:19 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-02-18 5:03 [gentoo-user] LDAP server questions Pandu Poluan
2014-02-18 6:13 ` J. Roeleveld
2014-02-19 4:11 ` Pandu Poluan
2014-02-19 5:18 ` J. Roeleveld [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9be7a160-58dd-477a-b5d4-b641cb503d19@email.android.com \
--to=joost@antarean.org \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox