Books & Videos

LDAP System Administration

Putting Directories to Work

By Gerald Carter

Publisher: O'Reilly Media

Release Date: February 2009

Pages: 312

Read on Safari with a 10-day trial

Start your free trial now Buy on Amazon

Where’s the cart? Now you can get everything on Safari. To purchase books, visit Amazon or your favorite retailer. Questions? See our FAQ or contact customer service:

1-800-889-8969 / 707-827-7019
support@oreilly.com

Download Example Code

View/Submit Errata

Be more productive and make your life easier. That's what LDAP System Administration is all about. System administrators often spend a great deal of time managing configuration information located on many different machines: usernames, passwords, printer configurations, email client configurations, and network filesystem configurations, to name a few. LDAPv3 provides tools for centralizing all of the configuration information and placing it under your control. Rather than maintaining several administrative databases (NIS, Active Directory, Samba, and NFS configuration files), you can make changes in only one place and have all your systems immediately "see" the updated information. Practically platform independent, this book uses the widely available, open source OpenLDAP 2 directory server as a premise for examples, showing you how to use it to help you manage your configuration information effectively and securely. OpenLDAP 2 ships with most Linux® distributions and Mac OS® X, and can be easily downloaded for most Unix-based systems. After introducing the workings of a directory service and the LDAP protocol, all aspects of building and installing OpenLDAP, plus key ancillary packages like SASL and OpenSSL, this book discusses:

Configuration and access control
Distributed directories; replication and referral
Using OpenLDAP to replace NIS
Using OpenLDAP to manage email configurations
Using LDAP for abstraction with FTP and HTTP servers, Samba, and Radius
Interoperating with different LDAP servers, including Active Directory
Programming using Net::LDAP

If you want to be a master of your domain, LDAP System Administration will help you get up and running quickly regardless of which LDAP version you use. After reading this book, even with no previous LDAP experience, you'll be able to integrate a directory server into essential network services such as mail, DNS, HTTP, and SMB/CIFS.

LDAP Basics
1. Chapter 1 "Now where did I put that...?", or "What is a directory?"
  1. The Lightweight Directory Access Protocol
  2. What Is LDAP?
  3. LDAP Models
2. Chapter 2 LDAPv3 Overview
  1. LDIF
  2. What Is an Attribute?
  3. What Is the dc Attribute?
  4. Schema References
  5. Authentication
  6. Distributed Directories
  7. Continuing Standardization
3. Chapter 3 OpenLDAP
  1. Obtaining the OpenLDAP Distribution
  2. Software Requirements
  3. Compiling OpenLDAP 2
  4. OpenLDAP Clients and Servers
  5. The slapd.conf Configuration File
  6. Access Control Lists (ACLs)
4. Chapter 4 OpenLDAP: Building a Company White Pages
  1. A Starting Point
  2. Defining the Schema
  3. Updating slapd.conf
  4. Starting slapd
  5. Adding the Initial Directory Entries
  6. Graphical Editors
5. Chapter 5 Replication, Referrals, Searching, and SASL Explained
  1. More Than One Copy Is "a Good Thing"
  2. Distributing the Directory
  3. Advanced Searching Options
  4. Determining a Server's Capabilities
  5. Creating Custom Schema Files for slapd
  6. SASL and OpenLDAP
Application Integration
1. Chapter 6 Replacing NIS
  1. More About NIS
  2. Schemas for Information Services
  3. Information Migration
  4. The pam_ldap Module
  5. The nss_ldap Module
  6. OpenSSH, PAM, and NSS
  7. Authorization Through PAM
  8. Netgroups
  9. Security
  10. Automount Maps
  11. PADL's NIS/LDAP Gateway
2. Chapter 7 Email and LDAP
  1. Representing Users
  2. Email Clients and LDAP
  3. Mail Transfer Agents (MTAs)
3. Chapter 8 Standard Unix Services and LDAP
  1. The Directory Namespace
  2. An FTP/HTTP Combination
  3. User Authentication with Samba
  4. FreeRadius
  5. Resolving Hosts
  6. Central Printer Management
4. Chapter 9 LDAP Interoperability
  1. Interoperability or Integration?
  2. Directory Gateways
  3. Cross-Platform Authentication Services
  4. Distributed, Multivendor Directories
  5. Metadirectories
  6. Push/Pull Agents for Directory Synchronization
5. Chapter 10 Net::LDAP and Perl
  1. The Net::LDAP Module
  2. Connecting, Binding, and Searching
  3. Working with Net::LDAP::LDIF
  4. Updating the Directory
  5. Advanced Net::LDAP Scripting
Appendixes
1. Appendix A PAM and NSS
  1. Pluggable Authentication Modules
  2. Name Service Switch (NSS)
2. Appendix B OpenLDAP Command-Line Tools
  1. Debugging Options
  2. Slap Tools
  3. LDAP Tools
3. Appendix C Common Attributes and Objects
  1. Schema Files
  2. Attributes
  3. Object Classes
4. Appendix D LDAP RFCs, Internet-Drafts, and Mailing Lists
  1. Requests for Comments
  2. Mailing Lists
5. Appendix E slapd.conf ACLs
  1. What?
  2. Who?
  3. How Much?
  4. Examples

Colophon

Books & Videos

LDAP System Administration

Putting Directories to Work

Read on Safari with a 10-day trial

Table of Contents

LDAP Basics

Chapter 1 "Now where did I put that...?", or "What is a directory?"

Chapter 2 LDAPv3 Overview

Chapter 3 OpenLDAP

Chapter 4 OpenLDAP: Building a Company White Pages

Chapter 5 Replication, Referrals, Searching, and SASL Explained

Application Integration

Chapter 6 Replacing NIS

Chapter 7 Email and LDAP

Chapter 8 Standard Unix Services and LDAP

Chapter 9 LDAP Interoperability

Chapter 10 Net::LDAP and Perl

Appendixes

Appendix A PAM and NSS

Appendix B OpenLDAP Command-Line Tools

Appendix C Common Attributes and Objects

Appendix D LDAP RFCs, Internet-Drafts, and Mailing Lists

Appendix E slapd.conf ACLs

Colophon