OK, I'm mostly through everything up to and including Chapter 5 in http://www.redhat.com/docs/manuals/dir-server/8.1/install/Installation_Guide...
And looking through the ToC for the rest, I do not see that my questions will be answered by this doc. So please feel free to point me to other docs.
This manual seems to be assuming I already know what it is I want to do, and what "Directory Services" are all about. Invalid assumption.
For example, right now I am reading about how to set up different instances of this-or-that (Admin Server, Directory Server, yadda, yadda). What it does not tell me is why I would want to do that. It does not even tell me "what is an 'instance'".
I've never done any sort of DS, so this is all new stuff to me. Suggested reading is very welcome.
What is even more welcome is pointers to case studies or template examples. We are a very small company with only about 30 people right now. Though we do have a convoluted network with 3 distinct network areas separated by VPNs. I'm new here (and put in charge), and we are not even running DNS yet (eeep! for REALZ!!!). To me it makes sense to have 3 different DNS subdomains because of some quirks they have in their product architecture here. I'm thinking "office.example.com", "production.example.com" and "rc.example.com". And from the bit I've read so far on DS, it seems to be recommended to have your DS mirror your DNS. So we are small enough where I do not think we need more than 1 server to run it all. And I can make all the machines talk to that server through the firewalls separating the 3 zones. That is not an issue at all. I'm not sure how this affects my DS. Would these be "instances"?
So many questions ... please suggest reading material.
thanks, -Alan
OK, with some URL hacking I found this -
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/index.html
Staring into it ...
Alan McKay wrote:
OK, I'm mostly through everything up to and including Chapter 5 in http://www.redhat.com/docs/manuals/dir-server/8.1/install/Installation_Guide...
And looking through the ToC for the rest, I do not see that my questions will be answered by this doc. So please feel free to point me to other docs.
This manual seems to be assuming I already know what it is I want to do, and what "Directory Services" are all about. Invalid assumption.
For example, right now I am reading about how to set up different instances of this-or-that (Admin Server, Directory Server, yadda, yadda). What it does not tell me is why I would want to do that. It does not even tell me "what is an 'instance'".
I've never done any sort of DS, so this is all new stuff to me. Suggested reading is very welcome.
What is even more welcome is pointers to case studies or template examples. We are a very small company with only about 30 people right now. Though we do have a convoluted network with 3 distinct network areas separated by VPNs. I'm new here (and put in charge), and we are not even running DNS yet (eeep! for REALZ!!!). To me it makes sense to have 3 different DNS subdomains because of some quirks they have in their product architecture here. I'm thinking "office.example.com", "production.example.com" and "rc.example.com". And from the bit I've read so far on DS, it seems to be recommended to have your DS mirror your DNS.
You don't _have_ to delegate DNS subdomains off to different servers or make different zone files for them. It just provides a hierarchical branch point if different people will be managing the namespace. If it is all managed together, it is fine to have records for a.office.example.com and a.production.example.com all in the zone file for example.com.
This is the sort of thing that leaves me baffled :
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Creating_Directory_E...
It tells me the following, but does not really provide a context for me as to why I'd want to do this or how this would relate to the real-world problem I am trying to solve. I think I'm going to have to pick up a copy of the LDAP book someone mentioned a while back in another of my threads.
3.1.1. Creating a Root Entry
Each time a new database is created, it is associated with the suffix that will be stored in the database. The directory entry representing that suffix is not automatically created. To create a root entry for a database:
On Thu, 2009-11-19 at 12:31 -0500, Alan McKay wrote:
This is the sort of thing that leaves me baffled :
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Creating_Directory_E...
It tells me the following, but does not really provide a context for me as to why I'd want to do this or how this would relate to the real-world problem I am trying to solve. I think I'm going to have to pick up a copy of the LDAP book someone mentioned a while back in another of my threads.
Alan,
Yes, RH documentation can be a little terse.
Look at the fedora 389 directory server (aka fedora directory server) documentation:
http://directory.fedoraproject.org/wiki/Documentation
There is also a brief writeup on LDAP architecture there:
http://directory.fedoraproject.org/wiki/Architecture
Steve
On Thu, Nov 19, 2009 at 1:40 PM, S.Tindall tindall.satwth@brandxmail.com wrote:
Look at the fedora 389 directory server (aka fedora directory server) documentation:
thanks - on my way!
Alan McKay wrote:
This is the sort of thing that leaves me baffled :
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Creating_Directory_E...
It tells me the following, but does not really provide a context for me as to why I'd want to do this or how this would relate to the real-world problem I am trying to solve. I think I'm going to have to pick up a copy of the LDAP book someone mentioned a while back in another of my threads.
3.1.1. Creating a Root Entry
Each time a new database is created, it is associated with the suffix that will be stored in the database. The directory entry representing that suffix is not automatically created. To create a root entry for a database:
Alan,
I have Gerald Carter's book - published by O'Reilly - called "LDAP System Administration". It gives a bit more of the stuff you're looking for as to: why do certain things....? It is OpenLDAP-centric, thus you will need to deal with the differences. I have a plan to get my own LDAP working any day now (have installed CentOS DS on two machines - this is straightforward and works as per the wiki instructions) but have not yet managed to get it playing nice.
HTH
Rob