====== LDAP Information ======

See also: [[software:LDAP]]

Originally created: 2008/08/15 18:30

Some Tags: ssl, ldap, directory, linux, draft

===== References for LDAP =====

There are a variety of tools to manage LDAP directory services. While there are no fully developed Directory Services, Novel, Microsoft, OpenLDAP, SUN, and Red Hat have all developed their own lightweight directory.

http://www.lichteblau.com/ldapvi/

http://www.novell.com/coolsolutions/tools/13976.html

http://developer.novell.com/wiki/index.php/LDAP_Libraries_for_C

http://www.computerperformance.co.uk/w2k3/utilities/ldp.htm

http://www.likewisesoftware.com/products/likewise_open/

http://fedoranews.org/mediawiki/index.php/How_to_setup_and_maintain_OpenLDAP_server_for_your_network

http://wiki.debian.org/LDAP

http://wiki.debian.org/LDAPTools

http://wiki.debian.org/OpenLDAPSetup

http://wiki.debian.org/LDAPOverview

The supported SASL Mechanisms in LDAP can be displayed with the following command: ''ldapsearch -x -b "" -s base supportedSASLMechanisms''

Ref: http://www.openldap.org/lists/openldap-software/200702/msg00126.html

===== LDAP Configuration =====

I added the following commands to '/etc/ldap/ldap.conf' on my Ubuntu server that was Authenticating against 'ubuntuldap.kb0odu.net'.

<code>
 #BASE   dc=example,dc=com
 #URI    ldap://ldap.example.com ldap://ldap-master.example.com:666

 #SIZELIMIT      12
 #TIMELIMIT      15
 #DEREF          never

 #BASE   dc=localdomain
 #URI    ldap://ubuntuldap.kb0odu.net
 URI     ldap://ubuntuldap.kb0odu.net
 BASE dc=localdomain
 ldap_version 3
 SSL no
 rootbinddn cn=admin,dc=localdomain
</code>

Something else added the following line:

<code>
 nss_initgroups_ignoreusers backup, bin, daemon, dhcp, dovecot, games, gnats, irc, klog, libuuid, list,
 lp, mail, man, mysql, news, postfix, postgres, postgrey,proxy, root, sshd, sync, sys, syslog, 
uucp, vmail
</code>