On Sun, 23 Mar 2008 23:26:51 +0100 "Jon Theil Nielsen" <[EMAIL PROTECTED]> wrote:
> 2008/3/23, Jon Theil Nielsen <[EMAIL PROTECTED]>: > > Hi list! > > > > I have speculated a lot about implementation of (Open)LDAP on my > > sever. By I haven't yet found the right (and logical) way to do > > it. I'm running FreeBSD 7.0-Release with some different server > > applications > > - Samba PDC > > - Virtual mail server (Postfix, MySQL, Courier-IMAP) > > - VPN (currently with mpd4) > > - Apache-2.2.8 web server (with PHP and MySQL) > > I would like to implement LDAP for: > > - authentication of UNIX/login users > > - authentication of Samba users > > - authentication/authorization of virtual mail users > > For the first part, I got useful information from a previsous > > thread > > (http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2008-02/msg01047.html) > > and for the second part, i guess there is sufficient howtos to > > make it work. My biggest question right now is if is possible to > > combine all three things in one data structure. And which in > > which order I should make the different implimentions. > > Excuse my total lack of understanding, but is it possible to > > have a structure with a superior unit such as OU=<some > > organization> which could contain several virtual domains and the > > organization> actual doamin for my > > PDC? > > > > -- > > Jon Theil Nielsen > Oh, i forgot one more thing: I would also like to be able to > authenticate VPN users the same way. For foo.bar and monkies.foo.bar, I would do it as below. And remember, PAM is your friend. And on a similar note, I am goat fragging surprised Postfix does not have a native PAM auth backend yet. ou=users,dc=foo,dc=bar ou=users,dc=monkies,dc=foo,bar In regards to VPN, you may wish to look into OpenVPN. It has a scriptable password checking mechanism. http://openvpn.net/index.php/documentation/howto.html#auth Enjoy playing with the nastiness that is Samba and LDAP. =^.^= On another note, I changed this from the net list to the questions list as I don't think this really falls under FreeBSD net related stuff. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
