[Samba] Re: LDAP account management tools?
andreas at xss.co.at
Thu Dec 15 20:59:41 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Raúl D. Pittí Palma schrieb:
> hey!, please share your LDAP database structure, i found that part the
> mst time consuming when you are creating a new domain, or a LDAP server
> able to support multiple apps (samba, mail, locally developed software,
> vpn, etc..)
> Any case study or some notes you would like to share, i can help with
> the QA of the manual, and the typing of the document, altough english
> is not mi first language :D
We currently have several pages of information on that
topic in our internal knowledge base. It's all in german
(looking at your signature I reckon this is not your
first language, either ;-) and they contain some internal,
confidental information, but I'll see what I can do.
Perhaps I find some time over the holidays to prepare
something to be published.
IMHO the most valuable information in these documents
is in the chapter titled "Preparation, definitions and
fundamental decisions". Here I have some infos about
* ways to authenticate against the LDAP database
how do the various subsystems authenticate?
pros and cons
* LDAP admin DN
how, why, where to use it?
* Directory Security Accounts (DSA)
how, whatfor and why?
* LDAP tree structure
how do we lay out the tree and why?
* What attribute do we use as RDN for user accounts and why?
* how do we crypt user passwords
if, how and why (or why not)?
* What system components do work with LDAP and how
do they work together?
I wrote these documents to set up the standards for us
(xS+S) but it would be interesting to discuss this with
others as I'm sure there's always room for improvement.
As far as I remember there is a Samba Wiki in preparation.
Would this be a good place to start?
What do people think about this?
- - andreas
Andreas Haumer | mailto:andreas at xss.co.at
*x Software + Systeme | http://www.xss.co.at/
Karmarschgasse 51/2/20 | Tel: +43-1-6060114-0
A-1100 Vienna, Austria | Fax: +43-1-6060114-71
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba