This portal try to centralize Debian LDAP documentation.
LDAP stands for Lightweight Directory Access Protocol and is not a database but a protocol for querying a directory (database). However, the distinction is generally not that important and this document may refer to LDAP as if it were the database and protocol both.
An LDAP database stores information on objects in a hierarchical manner. Objects have attributes that contain the information that is stored about the object. Objects also have classes that define which attributes must and may be stored on the object. Objects in an LDAP database are distinguished by their Distinguished Name (DN) which indicates their place in the hierarchical tree.
For more general information about LDAP see [http://en.wikipedia.org/wiki/Ldap Wikipedia]. These pages try to explain what use of LDAP can be made on a Debian system.
?TableOfContents(2)
Documentation
Different parts of the system can be configured to use LDAP to different degrees. Most parts are independant so it's not required to use LDAP for all parts. You generally need an LDAP server somewhere that serves information and configured services to use that information.
Server Setup
- ["LDAP/OpenLDAPSetup"] - Instructions for installing and configuring the OpenLDAP server
LDAP Management
- ["LDAPTools"] - Instructions for querying and modifying the LDAP database
[http://packages.debian.org/gq gq] - GTK-based LDAP client
[http://packages.debian.org/luma luma] - QT-based LDAP client
[http://packages.debian.org/phpldapadmin phpldapadmin] - web based interface for administering LDAP servers
[http://packages.debian.org/cpu cpu] - a console based LDAP user management tool
Populating the Server(s)
- ["LDAPMigrationTools"] - Migrate Authentication and Name Services (NSS) to LDAP
- ["LDAPMigrationExamples"]
- Formats for various LDAP entries:
- ["LDAPFormatInternalVertices"]: For nodes that exist only to host a subtree (i.e. they have no data of their own).
- ["LDAPFormatAliases"]: /etc/aliases in LDAP
- ["LDAPFormatFstab"]: /etc/fstab in LDAP
- ["LDAP/PowerDNSSetup/Format"]: PowerDNS entry format.
- ["LDAPFormatNisMap"]
NSS and PAM Client Setup
- ["LDAP/NSS"]
- ["LDAP/PAM"]
DNS from LDAP
- ["LDAP/PowerDNSSetup"] - How to set up a DNS Server that uses an LDAP Backend
NFS and AutoFS Setup
- ["NFSServerSetup"]
- ["AutoFSClientSetup"]
SAMBA Setup
- ["SAMBAServerSetup"]
- ["SAMBAClientSetup"]
- ["PAMSAMBALDAPSetup"]
?Anchor(links)
External links
There are a lot of resources available on running, using and configuring LDAP servers and services. Note that the list is not ordered and some parts are likely out of date.
Zed Pobre's ldapadduser ?BRhttp://people.debian.org/~zed/ldapadduser ?BRIntended to be a replacement for the standard "adduser" and "deluser" scripts, additionally supporting a LDAP database for user. It is implemented in Perl. Discussion of Features:
minkirri ldap-auth project ?BRhttp://minkirri.apana.org.au/~abo/projects/ldap-auth/
WLUG WIKI LDAP Authentication page ?BRhttp://www.wlug.org.nz/LDAPAuthentication
Definitive simple guide ?BRhttp://homex.subnet.at/~max/ldap/ ?BRreally excellent. I have read many articles (most of the ones mentioned here), and this one is really good - especially the samba coverage. I myself have written http://mawi.org/sambaldap/Samba_and_LDAP_on_Debian.html which is subject to some editing.
Mandrake LDAP documentation ?BRhttp://www.mandrakesecure.net/en/docs/ldap-auth.php ?BRvery good! Suggested reading: the 'User Contributed Notes', especially the ones about the proxyuser.
Debian LDAP stuff ?BRhttp://www.metaconsultancy.com/whitepapers/
Misc LDAP docs ?BRhttp://cmeerw.org/notes/ldap.html
LDAP Wiki ?BRhttp://www.paldap.org/
LDAPv3-Howto ?BRhttp://www.bayour.com/LDAPv3-HOWTO.html ?BRcovers LDAP, Kerberos, TLS/SSL, everything with Debian-related pointers
Formats for Entries ?BRhttp://ldap.akbkhome.com/ ?BRExplanations about many possible LDAP entries
Exploring LDAP ?BRPart 1: http://www.linux-mag.com/2002-01/guru_01.html ?BRPart 2: http://www.linux-mag.com/2002-02/guru_01.html ?BRPart 3: http://www.linux-mag.com/2002-03/guru_01.html ?BRExcellent Articles from a leading Linux/Unix-author.
PADL Software Pty Ltd ?BRhttp://www.padl.com ?BRa company creating GPL'd PAM-LDAP/NSS-LDAP software
nss-ldapd: NSS module for name lookups using LDAP ?BRhttp://ch.tudelft.nl/~arthur/nss-ldapd/
General LDAP Howto ?BRhttp://linuxselfhelp.com/HOWTO/LDAP-HOWTO.html
OpenLDAP with Linux and Windows ?BRhttp://www.linuxjournal.com/article.php?sid=5689
Shell Script for addusers to ldap database ?BRhttp://www.gnu.org/directory/devel/shell/diradm.html
Active Directory integration using LDAP Samba, kerberos, winbind, pam, nss ?BRhttp://sadms.sourceforge.net/
LDAP Schema Design ?BRhttp://www.skills-1st.co.uk/papers/ldap-schema-design-feb-2005/ldap-schema-design-feb-2005.html