On Fri, 2009-07-31 at 08:20 +0100, Tony Molloy wrote: > On Thursday 30 July 2009 19:23:24 Kwan Lowe wrote: > > On Thu, Jul 30, 2009 at 1:03 PM, Rob Kampen<rkampen at kampensonline.com> > > wrote: [snip] > > > > > I have read many hundreds of pages, have purchased O'reilly's LDAP System > > > Administration but cannot seem to get my dirsrv based LDAP to function. > > > I do understand that ds uses LDIF files to store and set things up, but > > > seem unable to grasp the arcane entries that need to exist so I can > > > access it with a basic LDAP client to load my users etc. > > > Also I guess there are certain schemas that need to be used to allow > > > basic functions to work. > > > My wish list: > > > linux user authentication and authorization > > > windows user authentication and authorization (via samba?) > > > customer contact list (name, address, company, phone numbers, email > > > addresses) > > > - this last one to be used by Thunderbird and my SIP phone system - both > > > of which profess to speak LDAP > > > I'm sure there are many small business folk that would like something > > > like this, however I cannot find a template with all my searches, so for > > > those of you with better LDAP and or google skills - please point me in > > > the right direction. > > > > I'm going through the same process as Rob ( the OP ) at the moment. I want to > setup centos-directory server. initially I want it to replace a NIS and Samba > system with about 1200 existing users. > > > There's a pretty straightforward guide at HowToForge.com (search for > > "CentOS LDAP"). It's a little dated, but works as advertised. In a > > nutshell the installation requires installing the centos-ds packages > > (about 4), installing a Sun Java, and then populating the database. > > The client side is even simpler. > > Installing centos-ds is not a problem. It's what you do after it. Especially > for people like me who have no experience with OpenLDAP. > > > > > Linux and Windows user authentication is straightforward, with GUI > > based setup and editing. > > > > With 1200 existing users to be migrated then GUI based setup and editing is > not very useful. > > > The default schema I use doesn't include address, company, etc., but > > these are very easily added. I tested with kaddressbook and a couple > > other LDAP browsers without any glitches. > > I'm going through the Howto:Samba from <directory.fedoraproject.org> at the > moment and hopefully that will get me started. > > But what would be nice is: > > 1. Howto:migtate existing NIS to CentosDS > 2. Howto:migrate existing Samba to CentosDS ---- seriously...I don't think you are ever going to find such a beast. There are some really good tools from padl to migrate nis to ldap (on Redhat/CentOS installed as part of openldap-servers package). This may require some amount of script-fu (perl, sed, awk, etc.) but not too much. Then to add the samba attributes/passwords/machine accounts will require a larger dose of script-fu. But this all would be virtually impossible without a decent knowledge of how LDAP works and that is regardless of whether you use CentOS-DS or OpenLDAP. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.