From: Trey Sizemore
To: Tim Judd
Cc: Jon Theil Nielsen, freebsd-questions@freebsd.org
Date: Tue, 25 Mar 2008 09:11:41 -0400
Subject: Re: A general purpose LDAP solution?

On Mon Mar 24, 2008 04:58PM, Tim Judd wrote:
> Jon Theil Nielsen wrote:
>> I asked this on freebsd-net@ but got no replies. So now I ask the same
>> question here.
>>
>>> Hi list!
>>>
>> >
>> > I have speculated a lot about implementation of (Open)LDAP on my
>> > server. But I haven't yet found the right (and logical) way to do it.
>> > I'm running FreeBSD 7.0-Release with some different server applications
>> > - Samba PDC
>> > - Virtual mail server (Postfix, MySQL, Courier-IMAP)
>> > - VPN (currently with mpd4)
>> > - Apache-2.2.8 web server (with PHP and MySQL)
>> > I would like to implement LDAP for:
>> > - authentication of UNIX/login users
>> > - authentication of Samba users
>> > - authentication/authorization of virtual mail users
>> > For the first part, I got useful information from a previous thread
>> > (http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2008-02/msg01047.html)
>> > and for the second part, I guess there are sufficient howtos to make it
>> > work.
>> > My biggest question right now is if it is possible to combine all three
>> > things in one data structure. And in which order I should make
>> > the different implementations.
>> > Excuse my total lack of understanding, but is it possible to have a
>> > structure with a superior unit such as OU= which
>> > could contain several virtual domains and the actual domain for my
>> > PDC?
>> >
>> > --
>> > Jon Theil Nielsen
>>
>> Oh, I forgot one more thing: I would also like to be able to
>> authenticate VPN users the same way.
>> --
>> Jon Theil Nielsen
>>
>
> It's easy to find out if LDAP is a global solution for you. See if LDAP
> is an available option in each port's config.
>
> I just finished setting up an LDAP-based email system. Samba is capable,
> unix logins are capable. There's a good chance everything is.
>
> I liked the virtual part of everything, so I stopped after getting email
> working. I didn't want to open up my system to all sorts of unix/samba
> logins that might exploit or give me problems.
>
> The email system I documented isn't ready for publishing. I'm having
> some select friends review it and proofread it first.
>
> If there's any interest here, I will provide a 2nd publishing to the
> general public as a draft. Not to be used exclusively yet.
>
> Jon, you should be able to get most if not all of it working though.
>
> --Tim

I would like to see the documentation as well.

--
Cheers,
Trey
----
The universe is change; our life is what our thoughts make it.
--Antoninus, Marcus Aurelius
Linux valkyrie 2.6.22.17-0.1-bigsmp i686 GNU/Linux
9:10am up 11:11, 7 users, load average: 0.98, 0.98, 1.06