LDAP help
2007-03-30 20:39:33.08561+02 by
Dan Lyke
4 comments
Hey, anyone out there got suggestions for a simple example based intro to LDAP? I just want to set up an LDAP server with a couple of users in it that various applications (Scarab, Crucible, FishEye, a few Apache protected files...) can talk to for authentication. I don't want to have to try to figure out what "sn:
and "cn:
" means, I just want a simple sample "ldif" file into which I can stuff a multi-word user name (ie: "Dan Lyke"), a user login id ("danlyke") and a password, run ldapadd
on it, and know that I've got a reasonable chance of success of logging in if I point one of those apps to my LDAP server.
comments in descending chronological order (reverse):
#Comment Re: made: 2007-04-03 17:35:50.167124+02 by:
Dan Lyke
Aigh. Okay, so I get it working, and then discover that those commercial applications we purchased, tht were chosen because they'd allegedly help us do this stuff, don't do this unless we buy the many thousands of dollars more version.
Grumble.
#Comment Re: made: 2007-03-31 20:12:46.122847+02 by:
Dan Lyke
Getting the server up is the easy part, figuring out what the hell to do with it is harder.
I've found a bunch of different pages over at YoLinux, but I think the idea of putting in some sort of PHP GUI for this and hoping I can make it work their way. I don't want enterprise level consolidated account management, if anything I'd rather we keep these accounts far separated from other Un*x logins, I just want a couple of apps to be able to share username and password data ("Is that so wrong?"... [grin]).
#Comment Re: made: 2007-03-31 15:40:56.289567+02 by:
John Anderson
[edit history]
There have been a series of articles over the last several months in one of the American Linux magazines. Don't remember if it was Linux Journal or Linux Magazine. Whichever, it was a pretty gentle hand-holding introduction -- not exactly what you're looking for, but I'm not sure you're going to be able to use it without getting hip-deep into the details. (The 'lightweight' is only relative to X.500, which I'm told is soul-destroyingly complex...)
You might be happier if you follow something like the Linux LDAP Howto[1] to get the basic server up, then install something like phpLDAPadmin[2] to handle the modification stuff.
[1]: http://tldp.org/HOWTO/LDAP-HOWTO/
[2]: http://phpldapadmin.sourceforge.net/
(I'm not sure I'm completely answering what you're asking, so apologies if I'm mistaking your intent a bit. I suspect I'm a mentally bit too close to the whole SSO/LDAP/AD/Kerberos/creeping Lovecraftian horror that is enterprise-level consolidated account management to be objective...)
#Comment Re: made: 2007-03-31 04:28:44.041013+02 by:
meuon
[edit history]
Good luck. My personal forays into LDAP have made me go straight back to MySQL.