LDAP System Administration

Larger Cover

By Gerald Carter

Publisher: O'Reilly Media

Released: March 2003

Pages: 310

Be more productive and make your life easier. That's what LDAP System Administration is all about.

System administrators often spend a great deal of time managing configuration information located on many different machines: usernames, passwords, printer configurations, email client configurations, and network filesystem configurations, to name a few. LDAPv3 provides tools for centralizing all of the configuration information and placing it under your control. Rather than maintaining several administrative databases (NIS, Active Directory, Samba, and NFS configuration files), you can make changes in only one place and have all your systems immediately "see" the updated information.

Practically platform independent, this book uses the widely available, open source OpenLDAP 2 directory server as a premise for examples, showing you how to use it to help you manage your configuration information effectively and securely. OpenLDAP 2 ships with most Linux® distributions and Mac OS® X, and can be easily downloaded for most Unix-based systems. After introducing the workings of a directory service and the LDAP protocol, all aspects of building and installing OpenLDAP, plus key ancillary packages like SASL and OpenSSL, this book discusses:

Configuration and access control
Distributed directories; replication and referral
Using OpenLDAP to replace NIS
Using OpenLDAP to manage email configurations
Using LDAP for abstraction with FTP and HTTP servers, Samba, and Radius
Interoperating with different LDAP servers, including Active Directory
Programming using Net::LDAP

If you want to be a master of your domain, LDAP System Administration will help you get up and running quickly regardless of which LDAP version you use. After reading this book, even with no previous LDAP experience, you'll be able to integrate a directory server into essential network services such as mail, DNS, HTTP, and SMB/CIFS.

LDAP Basics
1. Chapter 1 "Now where did I put that...?", or "What is a directory?"
  1. The Lightweight Directory Access Protocol
  2. What Is LDAP?
  3. LDAP Models
2. Chapter 2 LDAPv3 Overview
  1. LDIF
  2. What Is an Attribute?
  3. What Is the dc Attribute?
  4. Schema References
  5. Authentication
  6. Distributed Directories
  7. Continuing Standardization
3. Chapter 3 OpenLDAP
  1. Obtaining the OpenLDAP Distribution
  2. Software Requirements
  3. Compiling OpenLDAP 2
  4. OpenLDAP Clients and Servers
  5. The slapd.conf Configuration File
  6. Access Control Lists (ACLs)
4. Chapter 4 OpenLDAP: Building a Company White Pages
  1. A Starting Point
  2. Defining the Schema
  3. Updating slapd.conf
  4. Starting slapd
  5. Adding the Initial Directory Entries
  6. Graphical Editors
5. Chapter 5 Replication, Referrals, Searching, and SASL Explained
  1. More Than One Copy Is "a Good Thing"
  2. Distributing the Directory
  3. Advanced Searching Options
  4. Determining a Server's Capabilities
  5. Creating Custom Schema Files for slapd
  6. SASL and OpenLDAP
Application Integration
1. Chapter 6 Replacing NIS
  1. More About NIS
  2. Schemas for Information Services
  3. Information Migration
  4. The pam_ldap Module
  5. The nss_ldap Module
  6. OpenSSH, PAM, and NSS
  7. Authorization Through PAM
  8. Netgroups
  9. Security
  10. Automount Maps
  11. PADL's NIS/LDAP Gateway
2. Chapter 7 Email and LDAP
  1. Representing Users
  2. Email Clients and LDAP
  3. Mail Transfer Agents (MTAs)
3. Chapter 8 Standard Unix Services and LDAP
  1. The Directory Namespace
  2. An FTP/HTTP Combination
  3. User Authentication with Samba
  4. FreeRadius
  5. Resolving Hosts
  6. Central Printer Management
4. Chapter 9 LDAP Interoperability
  1. Interoperability or Integration?
  2. Directory Gateways
  3. Cross-Platform Authentication Services
  4. Distributed, Multivendor Directories
  5. Metadirectories
  6. Push/Pull Agents for Directory Synchronization
5. Chapter 10 Net::LDAP and Perl
  1. The Net::LDAP Module
  2. Connecting, Binding, and Searching
  3. Working with Net::LDAP::LDIF
  4. Updating the Directory
  5. Advanced Net::LDAP Scripting
Appendixes
1. Appendix A PAM and NSS
  1. Pluggable Authentication Modules
  2. Name Service Switch (NSS)
2. Appendix B OpenLDAP Command-Line Tools
  1. Debugging Options
  2. Slap Tools
  3. LDAP Tools
3. Appendix C Common Attributes and Objects
  1. Schema Files
  2. Attributes
  3. Object Classes
4. Appendix D LDAP RFCs, Internet-Drafts, and Mailing Lists
  1. Requests for Comments
  2. Mailing Lists
5. Appendix E slapd.conf ACLs
  1. What?
  2. Who?
  3. How Much?
  4. Examples

Colophon

Title:

LDAP System Administration

By:

Gerald Carter

Publisher:

O'Reilly Media

Formats:

Print
Ebook
Safari Books Online

Print:

March 2003

Ebook:

February 2009

Pages:

310

Print ISBN:

978-1-56592-491-8

| ISBN 10:

1-56592-491-6

Ebook ISBN:

978-0-596-10335-4

| ISBN 10:

0-596-10335-2

Colophon

Our look is the result of reader comments, our own experimentation, and feedback from distribution channels. Distinctive covers complement our distinctive approach to technical topics, breathing personality and life into potentially dry subjects. The animal on the cover of LDAP System Administration is a mink (Mustela vison). Mink are found throughout the United States and Canada except in Arizona, the Arctic, and some offshore islands. A mink's fur is mostly brown with some white spots around the throat, chin, and chest. Its coat is thick, soft, and waterproof (thanks to guard hairs covered with an oily protective substance). Its body is streamlined and skinny with short legs and an elongated face. As part of its water-loving nature, a mink's toes are partially webbed. Body length varies but is usually around two feet. The tail comprises almost half of a mink's total length.

Females become fertile during the winter and give birth in April or May. A typical litter ranges between one and eight offspring. M. vison is a solitary species; males are particularly intolerant of each other. They mark their territories with a pungent, musky secretion from their oversized anal glands. They are especially active at night and are skilled swimmers and climbers. Mink dig burrows in banks of lakes and rivers, or they may occupy abandoned dens of other mammals, such as muskrats. Their tastes in food changes from season to season, but they tend to dine on small mammals such as mice, rabbits, and shrews, along with fish and duck.

The main threat to the mink's existence continues to be the fur industry. Most U.S. states and all of Canada have limited trapping seasons with strict quotas on catch size. These provisions help keep mink population densities constant. Mink have few natural enemies other than humans. Occasionally, they will be hunted by coyotes, bobcats, and other meat-eaters. Matt Hutchinson was the production editor and copyeditor for LDAP System Administration. Genevieve d'Entremont proofread the book. Genevieve d'Entremont, Emily Quill and Mary Anne Weeks Mayo provided quality control. Jamie Peppard provided production assistance. Julie Hawks wrote the index.

Emma Colby designed the cover of this book, based on a series design by Edie Freedman. The cover image is a 19th-century engraving from the Dover Pictorial Archive. Emma Colby produced the cover layout with QuarkXPress 4.1 using Adobe's ITC Garamond font.

Bret Kerr designed the interior layout, based on a series design by David Futato. This book was converted by Joe Wizda to FrameMaker 5.5.6 with a format conversion tool created by Erik Ray, Jason McIntosh, Neil Walls, and Mike Sierra that uses Perl and XML technologies. The text font is Linotype Birka; the heading font is Adobe Myriad Condensed; and the code font is LucasFont's TheSans Mono Condensed. The illustrations that appear in this book were produced by Robert Romano and Jessamyn Read using Macromedia FreeHand 9 and Adobe Photoshop 6. The tip and warning icons were drawn by Christopher Bing. This colophon was written by Matt Hutchinson.

Description

Table of Contents

Product Details

Colophon

Recommended for You

Customer Reviews

REVIEW SNAPSHOT®

by PowerReviews

oreilly LDAP System Administration

4.0

(based on 4 reviews)

Reviewed by 4 customers

Sort by

Displaying reviews 1-4

6/28/2011

(0 of 1 customers found this review helpful)

4.0

Good and Bad

By SailorCire

from St. Louis, MO

About Me Student, Sys Admin

Pros

Easy to understand
Helpful examples
Well rounded

Cons

Could be better organized

Best Uses

Intermediate
Novice
Student

Comments about oreilly LDAP System Administration:

A VERY good introduction to OpenLDAP. This slapd.conf is still used (rm -rf /etc/openldap/slapd && touch /etc/openldap/slapd.conf) in Fedora 14.

I would suggest that in an update it shows how to use the apache mode authnz_ldap, but that can easily be figured out with a quick search on the Web.

Also, another good package to write about would be smbldap-tools. The PADL scripts are mentioned, but with the smbldap we can have a full functional NT Domain.

11/18/2009

(5 of 5 customers found this review helpful)

2.0

Dated Material

By chesneyb

from Washington, DC

About Me Sys Admin

Pros

Entertaining

Cons

Not up to date

Best Uses

Intermediate

Comments about oreilly LDAP System Administration:

Material is dated. slapd.conf is no longer used.
If a person were to download OpenLdap, they would be very confused by the examples.

4/27/2004

(1 of 2 customers found this review helpful)

5.0

Great book to introduce and dig fast into OpenLDAP

By Guillaume

from Undisclosed

Comments about oreilly LDAP System Administration:

Good overview of LDAP.

Simple but real and usefull example to pratice OpenLDAP.

Clear, easy to understand...

Must be the first book to read when beginning with LDAP.

7/28/2003

5.0

LDAP System Administration Review

By Sean Hogston

from Undisclosed

Comments about oreilly LDAP System Administration:

So your thinking about LDAP. Instead of wasting hours looking through incomplete LDAP documentation on the web, give this book a try. LDAP System Administration will help you get up and going fast. The book mainly discusses the use of OpenLDAP but most of the information should be helpful with any LDAP server.

There are great sections to help you configure LDAP for use with services like Samba, NIS, and Email. This book even helps with information on not so common topics like SASL.

LDAP System Administration is a book every SysAdmin should have in their library.

Displaying reviews 1-4