On Fri, 2009-07-31 at 08:20 +0100, Tony Molloy wrote:
On Thursday 30 July 2009 19:23:24 Kwan Lowe wrote:
On Thu, Jul 30, 2009 at 1:03 PM, Rob Kampen <rkampen@kampensonline.com> wrote: [snip]
I have read many hundreds of pages, have purchased O'Reilly's LDAP System Administration but cannot seem to get my dirsrv based LDAP to function. I do understand that ds uses LDIF files to store and set things up, but seem unable to grasp the arcane entries that need to exist so I can access it with a basic LDAP client to load my users etc. Also I guess there are certain schemas that need to be used to allow basic functions to work.
My wish list:
- linux user authentication and authorization
- windows user authentication and authorization (via samba?)
- customer contact list (name, address, company, phone numbers, email addresses) - this last one to be used by Thunderbird and my SIP phone system - both of which profess to speak LDAP
I'm sure there are many small business folk that would like something like this, however I cannot find a template with all my searches, so for those of you with better LDAP and/or google skills - please point me in the right direction.
I'm going through the same process as Rob (the OP) at the moment. I want to set up centos-directory server. Initially I want it to replace a NIS and Samba system with about 1200 existing users.
There's a pretty straightforward guide at HowToForge.com (search for "CentOS LDAP"). It's a little dated, but works as advertised. In a nutshell the installation requires installing the centos-ds packages (about 4), installing a Sun Java, and then populating the database. The client side is even simpler.
Installing centos-ds is not a problem. It's what you do after it. Especially for people like me who have no experience with OpenLDAP.
Linux and Windows user authentication is straightforward, with GUI based setup and editing.
With 1200 existing users to be migrated then GUI based setup and editing is not very useful.
The default schema I use doesn't include address, company, etc., but these are very easily added. I tested with kaddressbook and a couple other LDAP browsers without any glitches.
I'm going through the Howto:Samba from <directory.fedoraproject.org> at the moment and hopefully that will get me started.
But what would be nice is:
- Howto:migrate existing NIS to CentosDS
- Howto:migrate existing Samba to CentosDS
---- seriously...I don't think you are ever going to find such a beast.
There are some really good tools from padl to migrate nis to ldap (on Redhat/CentOS installed as part of openldap-servers package). This may require some amount of script-fu (perl, sed, awk, etc.) but not too much. Then to add the samba attributes/passwords/machine accounts will require a larger dose of script-fu.
But this all would be virtually impossible without a decent knowledge of how LDAP works and that is regardless of whether you use CentOS-DS or OpenLDAP.
Craig
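
One way to do the passwd-to-LDIF "script-fu" discussed in this thread, added here as an example (it is not from any of the posters and is not the PADL migration code): it turns `ypcat passwd`-style lines into RFC 2307 `posixAccount` entries, skips system accounts, and emits no `userPassword` for locked or empty password fields so those accounts cannot bind. The base DN, the UID cut-off of 500 and the sample map are assumptions constructed for illustration.

```python
import base64
import re

BASE_DN = "ou=People,dc=example,dc=com"  # assumption: your directory suffix
MIN_UID = 500                            # assumption: first non-system UID
USERNAME_RE = re.compile(r"^[a-z_][a-z0-9_.-]*$")  # keeps the DN escape-free
LOCKED = {"", "*", "x", "!", "!!"}       # no usable hash in the map
# Constructed sample of `ypcat passwd` output; names and hashes are made up.
SAMPLE_MAP = """\
root:$1$salt$AAAAAAAAAAAAAAAAAAAAAA:0:0:root:/root:/bin/bash
alice:$1$salt$BBBBBBBBBBBBBBBBBBBBBB:1001:100:Alice Example,Room 1:/home/alice:/bin/bash
bob:*:1002:100::/home/bob:/bin/tcsh
jose:$1$salt$CCCCCCCCCCCCCCCCCCCCCC:1003:100:José Núñez:/home/jose:/bin/bash
bad name:$1$salt$DDDDDDDDDDDDDDDDDDDDDD:1004:100::/home/bad:/bin/bash
truncated:line
"""

def ldif_line(attr, value):
    """Format one attribute; base64-encode values RFC 2849 treats as unsafe."""
    safe = (value.isascii() and value == value.strip(" ")
            and not value.startswith((":", "<"))
            and not any(c in value for c in "\0\r\n"))
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"

def passwd_to_ldif(text):
    """Return (ldif_entries, skipped) for passwd-format text."""
    entries, skipped = [], []
    for raw in text.splitlines():
        f = raw.split(":")
        if (len(f) != 7 or not USERNAME_RE.match(f[0]) or not f[5]
                or not f[2].isdecimal() or not f[3].isdecimal()):
            skipped.append((raw, "malformed"))
            continue
        name, pw, uid, gid, gecos, home, shell = f
        if int(uid) < MIN_UID:
            skipped.append((raw, "system account"))
            continue
        lines = [f"dn: uid={name},{BASE_DN}", "objectClass: account",
                 "objectClass: posixAccount", f"uid: {name}",
                 ldif_line("cn", gecos.split(",")[0] or name),
                 f"uidNumber: {uid}", f"gidNumber: {gid}",
                 ldif_line("homeDirectory", home)]
        lines += [ldif_line("loginShell", shell)] if shell else []
        if pw not in LOCKED and not pw.startswith("!"):
            # existing crypt(3) hash carries over behind the {crypt} prefix
            lines.append(ldif_line("userPassword", "{crypt}" + pw))
        entries.append("\n".join(lines))
    return entries, skipped
```

Joining the returned entries with blank lines gives a file that can be reviewed and then loaded with `ldapadd`; the `skipped` list shows which map lines were left out and why.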