Presentation is loading. Please wait.

Presentation is loading. Please wait.

LDAP Overview Kevin Moseley Server Team Manager Walgreen Co.

Published byRodger Black Modified over 8 years ago

Similar presentations

Presentation on theme: "LDAP Overview Kevin Moseley Server Team Manager Walgreen Co."— Presentation transcript:

1 LDAP Overview Kevin Moseley Server Team Manager Walgreen Co.

2 What is LDAP? ● LDAP (Lightweight Directory Access Protocol) is just that; a protocol. ● There are many implementations of LDAP including Sun iPlanet, RedHat Directory Server, and of course OpenLdap.

3 LDAP Overview ● Based on x.500 directory but has removed some of the more obscure features. ● Allows for full distinguished names. Allows for users to have same username since they are differentiated by context. ● Creates a central repository for user credentials and information. ● LDAP is optimized for reads.

4 LDAP Tree Example

5 LDAP Implementation ● Hardware requirements ● Depends on number of users. ● Fault tolerance requirements. ● Software requirements ● This presentation is based on OpenLdap. ● Any un*x based OS should be able to run OpenLdap. ● Most likely you will get a precompiled binary from your distribution vendor.

6 LDAP Terminology ● Schema: Is what defines the characteristics of an object. (i.e. A user schema is name, password, email) ● Some options are required where others are optional. ● Relative distinguished name: dn:cn=Joe user ● Fully distinguished name: dn:cn=Joe user,ou=users,dc=company,dc=com.

7 LDAP Utilities ● Ldapsearch: Used to query the LDAP database. ● Ldapadd: Used to add entries to the LDAP database. Linked to ldapmodify. ● Ldapmodify: Used to modify existing entries in an LDAP database. ● Ldapdelete: Used to remove entries from a ldap database. ● Ldapmodrdn: Used to modify the RDN of an object.

8 LDAP Utilities cont. ● Slapcat: used to concatenate an ldap database into a LDIF file. Useful in creating slave LDAP servers and backup. ● NSSswitch used to allow a machine query an ldap server for credentials. ● pam_ldap allows for pam authentication against an ldap server.

9 Configuring LDAP ● Most configuration will be made to the slapd.conf file. This is the configuration file for the slapd daemon. ● Also configuration for the replication daemon is performed here. The replication daemon is called slurpd. ● Things you want to configure are context, replication partners, database options.

10 Configuring LDAP cont. ● Slapd.conf is where you configure acl's for permissions on the directory. ● Also you configure the indexes for the database backend. ● Configure the number of cached objects in memory.

11 Example of slapd.conf

12 Adding users and objects ● Most additions can be made via a LDIF file. This file will allow for multiple additions to be made at one time. ● Nice because you can then script the addition of users or objects.

13 Replication overview

14 Verify LDAP is working ● Query the ldap server to verify it is responding to queries. ● Use ldapsearch -x -b “dc=company,dc=com” “(objectclass=*)”

15 Possible uses of LDAP ● Samba authentication. ● Machine authentication. ● VPN and Radius authentication. ● Phone and email directory. ● Store sendmail configuration. ● Automount config. ● Store BIND zone files (with a patch) ● Interoperate with Active Directory.

16 More information.... ● LDAP System Administration by O'Reilly ● OpenLdap website: www.openldap.orgwww.openldap.org ● www.google.com www.google.com ● www.padl.com www.padl.com

17 Questions and answers

Download ppt "LDAP Overview Kevin Moseley Server Team Manager Walgreen Co."

Similar presentations

ECS and LDAP Karen Krivaa Product Marketing Manager.

ECS and LDAP Karen Krivaa Product Marketing Manager.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.
LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH.

LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH.
Authenticating REST/Mobile clients using LDAP and OERealm

Authenticating REST/Mobile clients using LDAP and OERealm
Presentation #36576 Presentation #36576 Oracle9i LDAP: Advanced Configuration of Directory Naming Daniel T. Liu Senior Technical consultant First American.

Presentation #36576 Presentation #36576 Oracle9i LDAP: Advanced Configuration of Directory Naming Daniel T. Liu Senior Technical consultant First American.
CIT 470: Advanced Network and System Administration

CIT 470: Advanced Network and System Administration
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.
1 CSIT 320. Just as the combination of a database and a database management system collects and organizes information about an institution/company/… as.

1 CSIT 320. Just as the combination of a database and a database management system collects and organizes information about an institution/company/… as.
Module 1: Installing Active Directory Domain Services

Module 1: Installing Active Directory Domain Services
Directory services Unit objectives

Directory services Unit objectives
11 REVIEWING MICROSOFT ACTIVE DIRECTORY CONCEPTS Chapter 1.

11 REVIEWING MICROSOFT ACTIVE DIRECTORY CONCEPTS Chapter 1.
Chapter 4 Windows NT/2000 Overview. NT Concepts  Domains –A group of one or more NT machines that share an authentication database (SAM) –Single sign-on.

Chapter 4 Windows NT/2000 Overview. NT Concepts  Domains –A group of one or more NT machines that share an authentication database (SAM) –Single sign-on.
Module 12: Designing an AD LDS Implementation. AD LDS Usage AD LDS is most commonly used as a solution to the following requirements: Providing an LDAP-based.

Module 12: Designing an AD LDS Implementation. AD LDS Usage AD LDS is most commonly used as a solution to the following requirements: Providing an LDAP-based.
K. Stoeckigt, E. Verharen, Secure real-time audio/video communication – H.350,

K. Stoeckigt, E. Verharen, Secure real-time audio/video communication – H.350,
Introduction To OpenLDAP Directory Services. What is a Directory Service? A specialized database optimized for reading, browsing, and searching. No complicated.

Introduction To OpenLDAP Directory Services. What is a Directory Service? A specialized database optimized for reading, browsing, and searching. No complicated.
Directory Server Campus Booster ID: 351 www.supinfo.com Copyright © SUPINFO. All rights reserved OpenLDAP.

Directory Server Campus Booster ID: Copyright © SUPINFO. All rights reserved OpenLDAP.
Bynari, Inc. Sharing made easy Doug Finch Director of Technical Support Bynari, Inc.

Bynari, Inc. Sharing made easy Doug Finch Director of Technical Support Bynari, Inc.

Similar presentations

Ads by Google