inline:Portal/IDB/icon-ldap-32x32.png This portal tries to centralize Debian LDAP documentation.
LDAP stands for Lightweight Directory Access Protocol and is not a database but a protocol for querying a directory (database). However, the distinction is generally not that important and this document may refer to LDAP as if it were the database and protocol both.
An LDAP database stores information on objects in a hierarchical manner. Objects have attributes that contain the information that is stored about the object. Objects also have classes that define which attributes must and may be stored on the object. Objects in an LDAP database are distinguished by their Distinguished Name (DN) which indicates their place in the hierarchical tree.
For more general information about LDAP see [http://en.wikipedia.org/wiki/Ldap Wikipedia]. These pages try to explain what use of LDAP can be made on a Debian system.
?TableOfContents(2)
Server Setup
Different parts of the system can be configured to use LDAP to different degrees. Most parts are independant so it's not required to use LDAP for all parts. You generally need an LDAP server somewhere that serves information and configured services to use that information.
- ["LDAP/OpenLDAPSetup"] - Instructions for installing and configuring the OpenLDAP server
Management Tools
- ["LDAP/LDAPUtils"] - Instructions for querying and modifying the LDAP database
[http://packages.debian.org/gq gq] - GTK-based LDAP client
[http://packages.debian.org/luma luma] - QT-based LDAP client
[http://packages.debian.org/phpldapadmin phpldapadmin] - web based interface for administering LDAP servers
[http://packages.debian.org/cpu cpu] - a console based LDAP user management tool
[http://packages.debian.org/ldapscripts ldapscripts] - scripts for managing user accounts
Populating the Server(s)
- ["LDAP/MigrationTools"] - Migrate Authentication and Name Services (NSS) to LDAP
- ["LDAP/MigrationTools/Examples"]
- Formats for various LDAP entries:
- ["LDAPFormatInternalVertices"]: For nodes that exist only to host a subtree (i.e. they have no data of their own).
- ["LDAPFormatAliases"]: /etc/aliases in LDAP
- ["LDAPFormatFstab"]: /etc/fstab in LDAP
- ["LDAP/PowerDNSSetup/Format"]: PowerDNS entry format.
- ["LDAPFormatNisMap"]
Using LDAP
NSS and PAM Client Setup
- ["LDAP/NSS"]
- ["LDAP/PAM"]
DNS from LDAP
- ["LDAP/PowerDNSSetup"] - How to set up a DNS Server that uses an LDAP Backend
AutoFS Setup
- ["LDAP/AutoFSSetup"] - How to get automounter maps from LDAP
LDAP + Kerberos Setup
- ["LDAP/Kerberos"] - How to use Kerberos for authentication and LDAP for authorization + account data
SAMBA Setup
- ["SAMBAServerSetup"]
- ["BuildingALinuxDomain"]
["FreeRadiusToLdap"]
["?WindowsPginaClient"]
?Anchor(links)
External links
There are a lot of resources available on running, using and configuring LDAP servers and services. Note that the list is not ordered and some parts are likely out of date.
WLUG WIKI LDAP Authentication page ?BRhttp://www.wlug.org.nz/LDAPAuthentication
Using OpenLDAP on Debian Woody to serve Linux and Samba Users ?BRhttp://homex.subnet.at/~max/ldap/
Samba & LDAP on Debian made simple! ?BRhttp://mawi.org/sambaldap/Samba_and_LDAP_on_Debian.html
Misc LDAP docs ?BRhttp://cmeerw.org/notes/ldap.html
A Lazy Directory Administrator's Pal ?BRhttp://www.paldap.org/
LDAPv3-Howto ?BRhttp://www.bayour.com/LDAPv3-HOWTO.html ?BRcovers LDAP, Kerberos, TLS/SSL, everything with Debian-related pointers
LDAP Schema Viewer ?BRhttp://ldap.akbkhome.com/ ?BRExplanations about many possible LDAP entries
Exploring LDAP ?BRPart 1: http://www.linux-mag.com/2002-01/guru_01.html ?BRPart 2: http://www.linux-mag.com/2002-02/guru_01.html ?BRPart 3: http://www.linux-mag.com/2002-03/guru_01.html ?BRExcellent Articles from a leading Linux/Unix-author.
PADL Software Pty Ltd ?BRhttp://www.padl.com ?BRa company creating GPL'd PAM-LDAP/NSS-LDAP software
nss-ldapd: NSS module for name lookups using LDAP ?BRhttp://ch.tudelft.nl/~arthur/nss-ldapd/
LDAP Linux Howto ?BRhttp://www.linuxselfhelp.com/HOWTO/LDAP-HOWTO.html
OpenLDAP with Linux and Windows ?BRhttp://www.linuxjournal.com/article.php?sid=5689
Shell Script for addusers to ldap database ?BRhttp://www.gnu.org/directory/devel/shell/diradm.html
Active Directory integration using LDAP Samba, kerberos, winbind, pam, nss ?BRhttp://sadms.sourceforge.net/
LDAP Schema Design ?BRhttp://www.skills-1st.co.uk/papers/ldap-schema-design-feb-2005/ldap-schema-design-feb-2005.html