Date: Mon, 24 Mar 2008 16:58:29 -0600
From: Tim Judd <tajudd@gmail.com>
To: Jon Theil Nielsen <jontheil@gmail.com>
Cc: freebsd-questions@freebsd.org
Subject: Re: A general purpose LDAP solution?
Message-ID: <47E83215.8030705@gmail.com>
In-Reply-To: <8f82c35c0803241540k36c8d551tfcfd172d6a4a7f9b@mail.gmail.com>
References: <8f82c35c0803231523i52e55906tfd3cf96b36fe70d7@mail.gmail.com>
 <8f82c35c0803231526n5a429cb5t1c81a7f98dfb19ea@mail.gmail.com>
 <8f82c35c0803241540k36c8d551tfcfd172d6a4a7f9b@mail.gmail.com>

Jon Theil Nielsen wrote:
> I asked this on freebsd-net@ but got no replies. So now I ask the same
> question here.
>
> > Hi list!
> >
> > I have speculated a lot about implementation of (Open)LDAP on my
> > server. But I haven't yet found the right (and logical) way to do it.
> > I'm running FreeBSD 7.0-Release with some different server applications
> > - Samba PDC
> > - Virtual mail server (Postfix, MySQL, Courier-IMAP)
> > - VPN (currently with mpd4)
> > - Apache-2.2.8 web server (with PHP and MySQL)
> > I would like to implement LDAP for:
> > - authentication of UNIX/login users
> > - authentication of Samba users
> > - authentication/authorization of virtual mail users
> > For the first part, I got useful information from a previous thread
> > (http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2008-02/msg01047.html)
> > and for the second part, I guess there are sufficient howtos to make it
> > work.
> > My biggest question right now is if it is possible to combine all three
> > things in one data structure. And in which order I should make
> > the different implementations.
> > Excuse my total lack of understanding, but is it possible to have a
> > structure with a superior unit such as OU=<some organization> which
> > could contain several virtual domains and the actual domain for my
> > PDC?
> >
> > --
> > Jon Theil Nielsen
>
> Oh, I forgot one more thing: I would also like to be able to
> authenticate VPN users the same way.
> --
> Jon Theil Nielsen
>

It's easy to find out if LDAP is a global solution for you. See if LDAP
is an available option in each port's config.

I just finished setting up an LDAP-based email system. Samba is capable,
unix logins are capable. There's a good chance everything is.

I liked the virtual part of everything, so I stopped after getting email
working. I didn't want to open up my system to all sorts of unix/samba
logins that might exploit or give me problems.

The email system I documented isn't ready for publishing. I'm having
some select friends review it and proofread it first. If there's any
interest here, I will provide a 2nd publishing to the general public as
a draft. Not to be used exclusively yet.

Jon, you should be able to get most if not all of it working though.

--Tim