[CentOS] LDAP howto using ds-base and ds-admin and related consoles

Thu Jul 30 17:48:45 UTC 2009
James Chamberlain <jamesc at exa.com>

On Jul 30, 2009, at 1:03 PM, Rob Kampen wrote:

> Hi,
> I have previously used openLDAP and read many of their howto  
> documents for establishing an LDAP server.
> RH and CentOS provide <brand>-ds-base and related rpms and I like  
> what I see and read about the product.
> I found the wiki article on installing the rpms and getting it  
> running on a server - so far so good.
> Then I fall into a big hole.
> What are the key items that need to be put in place to actually make  
> it useful for my domain?
> Is there a document somewhere for those of us that want to bridge  
> from openLDAP to the RH based product?
> I have read many hundreds of pages, have purchased O'reilly's LDAP  
> System Administration but cannot seem to get my dirsrv based LDAP to  
> function.
> I do understand that ds uses LDIF files to store and set things up,  
> but seem unable to grasp the arcane entries that need to exist so I  
> can access it with a basic LDAP client to load my users etc.
> Also I guess there are certain schemas that need to be used to allow  
> basic functions to work.
> My wish list:
> linux user authentication and authorization
> windows user authentication and authorization (via samba?)
> customer contact list (name, address, company, phone numbers, email  
> addresses)
> - this last one to be used by Thunderbird and my SIP phone system -  
> both of which profess to speak LDAP
> I'm sure there are many small business folk that would like  
> something like this, however I cannot find a template with all my  
> searches, so for those of you with better LDAP and or google skills  
> - please point me in the right direction.
> Thanks
> Rob

Hi Rob,

The documentation for the 389 Directory Server (née Fedora Directory  
Server) may answer a lot of your questions.  Since Red Hat Directory  
Server (and therefore CentOS Directory Server) is based on its code, I  
think you'll find much of its documentation applicable.


Among other things, you should find pages on the linked site which  
talk about authentication, migration from OpenLDAP, Samba, etc.