Date: Tue, 25 Mar 2008 09:11:41 -0400 From: Trey Sizemore <trey@fastmail.fm> To: Tim Judd <tajudd@gmail.com> Cc: Jon Theil Nielsen <jontheil@gmail.com>, freebsd-questions@freebsd.org Subject: Re: A general purpose LDAP solution? Message-ID: <20080325131140.GA1746@valkyrie> In-Reply-To: <47E83215.8030705@gmail.com> References: <8f82c35c0803231523i52e55906tfd3cf96b36fe70d7@mail.gmail.com> <8f82c35c0803231526n5a429cb5t1c81a7f98dfb19ea@mail.gmail.com> <8f82c35c0803241540k36c8d551tfcfd172d6a4a7f9b@mail.gmail.com> <47E83215.8030705@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon Mar 24, 2008 04:58PM, Tim Judd wrote: > Jon Theil Nielsen wrote: >> I asked this on freebsd-net@ but got no replies. So now I ask the same >> question here. >> >>> Hi list! >>> >> > >> > I have speculated a lot about implementation of (Open)LDAP on my >> > sever. By I haven't yet found the right (and logical) way to do it. >> > I'm running FreeBSD 7.0-Release with some different server applications >> > - Samba PDC >> > - Virtual mail server (Postfix, MySQL, Courier-IMAP) >> > - VPN (currently with mpd4) >> > - Apache-2.2.8 web server (with PHP and MySQL) >> > I would like to implement LDAP for: >> > - authentication of UNIX/login users >> > - authentication of Samba users >> > - authentication/authorization of virtual mail users >> > For the first part, I got useful information from a previsous thread >> > (http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2008-02/msg01047.html) >> > and for the second part, i guess there is sufficient howtos to make it >> > work. >> > My biggest question right now is if is possible to combine all three >> > things in one data structure. And which in which order I should make >> > the different implimentions. >> > Excuse my total lack of understanding, but is it possible to have a >> > structure with a superior unit such as OU=<some organization> which >> > could contain several virtual domains and the actual doamin for my >> > PDC? >> > >> > -- >> > Jon Theil Nielsen >> >> Oh, i forgot one more thing: I would also like to be able to >> authenticate VPN users the same way. >> -- >> Jon Theil Nielsen >> > > It's easy to find out if LDAP is a global solution for you. See if LDAP > is an available option in each port's config. > > I just finished setting up a LDAP-based email system. Samba is capable, > unix logins are capable. There's a good chance everything is. > > I liked the virtual part of everything, so I stopped after getting email > working. I didn't want to open up my system to all sorts of unix/samba > logins that might exploit or give me problems. > > The email system I documented isn't ready for publishing. I'm having > some select friends review it and proofread it first. > > If there's any interest here, I will provide a 2nd publishing to the > general public as a draft. Not to be used exclusively yet. > > Jon, you should be able to get most if not all of it working though. > > --Tim I would like to see the documentation as well. -- Cheers, Trey ---- The universe is change; our life is what our thoughts make it. --Antoninus, Marcus Aurelius Linux valkyrie 2.6.22.17-0.1-bigsmp i686 GNU/Linux 9:10am up 11:11, 7 users, load average: 0.98, 0.98, 1.06
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080325131140.GA1746>