[Samba] Re: LDAP account management tools?

Andreas Haumer andreas at xss.co.at
Thu Dec 15 20:59:41 GMT 2005

Hash: SHA1


Raúl D. Pittí Palma schrieb:
> hey!, please share your LDAP database structure, i found that part the
> mst time consuming when you are creating a new domain, or a LDAP server
> able to support multiple apps (samba, mail, locally developed software,
> vpn, etc..)
> Any case study or some notes you would like to share, i can help with
> the QA of the manual,  and  the typing of the document, altough english
> is not mi first language :D

We currently have several pages of information on that
topic in our internal knowledge base. It's all in german
(looking at your signature I reckon this is not your
first language, either ;-) and they contain some internal,
confidental information, but I'll see what I can do.
Perhaps I find some time over the holidays to prepare
something to be published.

IMHO the most valuable information in these documents
is in the chapter titled "Preparation, definitions and
fundamental decisions". Here I have some infos about
topics like

* ways to authenticate against the LDAP database
  how do the various subsystems authenticate?
  pros and cons

* LDAP admin DN
  how, why, where to use it?

* Directory Security Accounts (DSA)
  how, whatfor and why?

* LDAP tree structure
  how do we lay out the tree and why?

* What attribute do we use as RDN for user accounts and why?

* how do we crypt user passwords
  if, how and why (or why not)?

* What system components do work with LDAP and how
  do they work together?

I wrote these documents to set up the standards for us
(xS+S) but it would be interesting to discuss this with
others as I'm sure there's always room for improvement.

As far as I remember there is a Samba Wiki in preparation.
Would this be a good place to start?

What do people think about this?

- - andreas

- --
Andreas Haumer                     | mailto:andreas at xss.co.at
*x Software + Systeme              | http://www.xss.co.at/
Karmarschgasse 51/2/20             | Tel: +43-1-6060114-0
A-1100 Vienna, Austria             | Fax: +43-1-6060114-71
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org


More information about the samba mailing list