Re: A general purpose LDAP solution?

Mon, 24 Mar 2008 16:02:43 -0700 

Jon Theil Nielsen wrote:

I asked this on freebsd-net@ but got no replies. So now I ask the same
question here.

Hi list!

 >
 >  I have speculated a lot about implementation of (Open)LDAP on my
 >  sever. By I haven't yet found the right (and logical) way to do it.
 >  I'm running FreeBSD 7.0-Release with some different server applications
 >  - Samba PDC
 >  - Virtual mail server (Postfix, MySQL, Courier-IMAP)
 >  - VPN (currently with mpd4)
 >  - Apache-2.2.8 web server (with PHP and MySQL)
 >  I would like to implement LDAP for:
 >  - authentication of UNIX/login users
 >  - authentication of Samba users
 >  - authentication/authorization of virtual mail users
 >  For the first part, I got useful information from a previsous thread
 >  
(http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2008-02/msg01047.html)
 >  and for the second part, i guess there is sufficient howtos to make it
 >  work.
 >  My biggest question right now is if is possible to combine all three
 >  things in one data structure. And which in which order I should make
 >  the different implimentions.
 >  Excuse my total lack of understanding, but is it possible to have a
 >  structure with a superior unit such as OU=<some organization> which
 >  could contain several virtual domains and the actual doamin for my
 >  PDC?
 >
 >  --
 > Jon Theil Nielsen

Oh, i forgot one more thing: I would also like to be able to
 authenticate VPN users the same way.
 --
Jon Theil Nielsen
It's easy to find out if LDAP is a global solution for you. See if LDAP is an available option in each port's config.
I just finished setting up a LDAP-based email system. Samba is capable, unix logins are capable. There's a good chance everything is.
I liked the virtual part of everything, so I stopped after getting email working. I didn't want to open up my system to all sorts of unix/samba logins that might exploit or give me problems.
The email system I documented isn't ready for publishing. I'm having some select friends review it and proofread it first.
If there's any interest here, I will provide a 2nd publishing to the general public as a draft. Not to be used exclusively yet. 

Jon, you should be able to get most if not all of it working though.

--Tim
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to