OpenLDAP Test Platform - Slackware

This is a discussion on OpenLDAP Test Platform - Slackware ; I need to learn about LDAP for authentication and I need a test platform. I see that Slack 12 has an openLDAP client, but the server is omitted. I found this Slack build script for the server using the friendly ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: OpenLDAP Test Platform

  1. OpenLDAP Test Platform

    I need to learn about LDAP for authentication and I need a test platform.
    I see that Slack 12 has an openLDAP client, but the server is omitted. I
    found this Slack build script for the server using the friendly google:
    http://www.tuxjm.net/downloads/Downl...dap.SlackBuild

    As an openLDAP newb, I would appreciate any advice on whether this script
    looks "close enough" to be appropriate for Slackware 12. It looks okay,
    AFAIK. I am going to substitute OpenLDAP version 2.3.38, and go for it.
    But if there is an openLDAP expert out there with more advice, then I'd
    appreciate hearing about any "heads up" for things to watch out for, etc.

    TIA

    --
    Douglas Mayne

  2. Re: OpenLDAP Test Platform

    Douglas Mayne wrote:
    > I need to learn about LDAP for authentication and I need a test platform.
    > I see that Slack 12 has an openLDAP client, but the server is omitted. I
    > found this Slack build script for the server using the friendly google:
    > http://www.tuxjm.net/downloads/Downl...dap.SlackBuild
    >
    > As an openLDAP newb, I would appreciate any advice on whether this script
    > looks "close enough" to be appropriate for Slackware 12. It looks okay,
    > AFAIK. I am going to substitute OpenLDAP version 2.3.38, and go for it.


    Back in the old days when I used to compile OpenLDAP from source I
    didn't use any Slackbuild script. Instead I built it as the software was
    supposed to be built, probably "./configure; make; sudo make install", or
    maybe I used checkinstall to get a Slackware package from the "make
    install" step.

    > But if there is an openLDAP expert out there with more advice, then I'd
    > appreciate hearing about any "heads up" for things to watch out for, etc.


    I'm no OpenLDAP expert, but I can say that compiling OpenLDAP is the easy
    part. Configuring an LDAP server is a non-trivial task that will require
    some reading. Nor have I used OpenLDAP for authentication, I have only
    used NIS. But then again, setting up a server for authentication is a
    non-trivial task that takes some reading and understanding to get things
    right.

    Do not expect that only a few advices in advance from a newsgroup will
    make this easy for you. You will have to read up on this before doing your
    attempt. Even though you do you homework you might step into some problem.
    Once you have a specific problem it will be the right time to ask
    questions in newsgroups or mailing lists.

    regards Henrik
    --
    The address in the header is only to prevent spam. My real address is:
    hc1(at)poolhem.se Examples of addresses which go to spammers:
    root@localhost postmaster@localhost


  3. Re: OpenLDAP Test Platform

    On Sun, 18 Nov 2007 12:51:32 +0100, Henrik Carlqvist wrote:

    > Douglas Mayne wrote:
    >> I need to learn about LDAP for authentication and I need a test platform.
    >> I see that Slack 12 has an openLDAP client, but the server is omitted. I
    >> found this Slack build script for the server using the friendly google:
    >> http://www.tuxjm.net/downloads/Downl...dap.SlackBuild
    >>
    >> As an openLDAP newb, I would appreciate any advice on whether this script
    >> looks "close enough" to be appropriate for Slackware 12. It looks okay,
    >> AFAIK. I am going to substitute OpenLDAP version 2.3.38, and go for it.

    >
    > Back in the old days when I used to compile OpenLDAP from source I
    > didn't use any Slackbuild script. Instead I built it as the software was
    > supposed to be built, probably "./configure; make; sudo make install", or
    > maybe I used checkinstall to get a Slackware package from the "make
    > install" step.
    >

    I initially had no idea how to configure for the compile, and the link I
    found had some hints, at least. However, that starting point did not
    provide the test platform that I was looking for. I think some database
    backends are required, and that was missing in the configuration. Another
    try yielded a somewhat working server which would allow ldapsearch, etc.

    >
    >> But if there is an openLDAP expert out there with more advice, then I'd
    >> appreciate hearing about any "heads up" for things to watch out for,
    >> etc.

    >
    > I'm no OpenLDAP expert, but I can say that compiling OpenLDAP is the
    > easy part. Configuring an LDAP server is a non-trivial task that will
    > require some reading. Nor have I used OpenLDAP for authentication, I
    > have only used NIS. But then again, setting up a server for
    > authentication is a non-trivial task that takes some reading and
    > understanding to get things right.
    >
    > Do not expect that only a few advices in advance from a newsgroup will
    > make this easy for you. You will have to read up on this before doing
    > your attempt. Even though you do you homework you might step into some
    > problem. Once you have a specific problem it will be the right time to
    > ask questions in newsgroups or mailing lists.
    >
    > regards Henrik
    >

    Note: Comment inline.

    Thanks for the advice. You are definitely right- my work is cut out for
    me. I am only at the beginning of learning this. I have found some online
    tutorials and I am scanning them to see which is best. Another immediate
    obstacle (re: slackware) is that it appears that pam is required to
    authenticate external clients via ldap, but I could be wrong.

    Thanks again.

    --
    Douglas Mayne

  4. Re: OpenLDAP Test Platform

    Douglas Mayne wrote:
    > Another immediate obstacle (re: slackware) is that it appears that pam
    > is required to authenticate external clients via ldap, but I could be
    > wrong.


    It seems as if PAM is not needed:

    http://wombat.san-francisco.ca.us/fa.../cache/95.html

    However, I haven't tried to replace NIS with LDAP myself.

    regards Henrik
    --
    The address in the header is only to prevent spam. My real address is:
    hc1(at)poolhem.se Examples of addresses which go to spammers:
    root@localhost postmaster@localhost


  5. Re: OpenLDAP Test Platform

    Douglas Mayne wrote:
    > obstacle (re: slackware) is that it appears that pam is required to
    > authenticate external clients via ldap, but I could be wrong.


    PV (slack's author) is not a fan of ldap or pam, so it's not included in
    slack. You might be better off learning on a distro with ldap/pam pre
    installed/configured and then coming back to slack when you have some
    experience and know what you are doing and want to accomplish. Just a
    suggestion. Perhaps others can suggest an alternate distro.

    nb

  6. Re: OpenLDAP Test Platform

    On 2007-11-18, Douglas Mayne wrote:
    >
    > Thanks for the advice. You are definitely right- my work is cut out for
    > me. I am only at the beginning of learning this. I have found some online
    > tutorials and I am scanning them to see which is best. Another immediate
    > obstacle (re: slackware) is that it appears that pam is required to
    > authenticate external clients via ldap, but I could be wrong.


    PAM is not required. If you have a Slackware LDAP server, and a PAM
    client, you can configure PAM to work with the Slackware server. If you
    have a Slackware client, you can install the nss_ldap module from
    padl.com to avoid having to use PAM. I can't talk to the SlackBuild
    script you posted, but I also usually just do the standard ./configure
    && make && make install.

    There's an ORA book about LDAP that does a decent job of covering the
    install procedure on both client and server side, as well as configuring
    the LDAP server appropriately to do authentication:

    http://www.oreilly.com/catalog/ldapsa/index.html

    I definitely recommend it, especially if this is part of a job and not
    just a home-fun thing.

    --keith

    --
    kkeller-usenet@wombat.san-francisco.ca.us
    (try just my userid to email me)
    AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
    see X- headers for PGP signature information


  7. Re: OpenLDAP Test Platform

    notbob wrote:
    > Douglas Mayne wrote:
    > > obstacle (re: slackware) is that it appears that pam is required to
    > > authenticate external clients via ldap, but I could be wrong.


    > PV (slack's author) is not a fan of ldap or pam, so it's not included in
    > slack. You might be better off learning on a distro with ldap/pam pre
    > installed/configured and then coming back to slack when you have some
    > experience and know what you are doing and want to accomplish. Just a
    > suggestion. Perhaps others can suggest an alternate distro.


    openldap-client is a package in slackware-12.0, this includes libs as well.

    Besides openldap-client one needs nss_ldap from padl.com, that's it. Much
    easier than trying it out on a PAM-distro first

    --
    A: Top Posters! | s/y Charlotta |
    Q: What is the most annoying thing on mailing lists? | FIN-2674 |
    http://www.fe83.org/ Finn Express Purjehtijat ry | ============= |
    Harald H Hannelius | harald (At) iki (dot) fi | GSM +358 50 594 1020

+ Reply to Thread