On Wed, 2009-11-04 at 15:26 -0500, Rob Kampen wrote:
> m.roth at 5-cent.us wrote:
> >> OK, google comes up with what looks like some easy HOWTOs for LDAP
> >>
> >> I'll dig in and come back with questions as required
> >>
> >>
> > Don't believe it.
> >
> > The fall of '06, my manager and the other admin and I were discussing what
> > to use for single sign-on. NIS has way too many holes, and no one was wild
> > about NIS+, so, though none of us had dealt with it before, I thought LDAP
> > was the wave o' the future, and offered to implement it. A month or so
> > later, and *lots* of grief and hair tearing (and I ain't got none to
> > spare), I got it in. openLDAP's docs were *way* insufficient, and the
> > tools that come with it are *not* ready for prime time, and user-surly, to
> > say the least.
> Mark,
> I too have experienced this PAIN!!!
> However I never quite got it done, always seemed real close but not quite.
> Did you document??
> I am now trying the RH / Fedora DS - no problem getting it installed but
> configuration........
> Any pointers to docs that actually work. I have purchased books, read
> magazines and spent probably 100+ hours only to run out of time and
> energy. It remains on my 'to do' list.
> Thanks for any pointers.
> Rob
----
Skill sets and knowledge for LDAP do not work like most other software, and people who jump around from walk-through to walk-through will just give up frustrated because every walk-through has different objectives and assumptions. There is no single way to do anything on LDAP and there are a variety of LDAP server options, and implementations for things like user authentication are very tricky. The easy solution is what people don't want to hear...learn LDAP. Once you get the core concepts down, it becomes easy to start wiring in various things like user authentication either as system users or things like http, or even implementing in your smtp server, etc.

Gerald Carter's book 'LDAP System Administration' is the only book that I found that simplified the understanding of LDAP, how it works, how to use it, etc. This book probably takes 3-4 hours to digest, work through the examples and give you enough core knowledge to make it work for you. At that point, using OpenLDAP or CentOS-DS or Fedora-DS is more or less a matter of implementation details and utility. None of them are better than the other for most purposes and even things like the consoles in Fedora-DS aren't going to make it any easier for you to use LDAP if you don't understand how it works. In short, there really aren't decent shortcuts to using LDAP if you don't care to actually understand how and why it works.

Craig