1568
Comment:
|
1699
reorganize, uwa directory referral
|
Deletions are marked like this. | Additions are marked like this. |
Line 3: | Line 3: |
Current status: Sun LDAP server on manbo set up, DN is dc=ucc,dc=gu,dc=uwa,dc=edu,dc=au. Server root is /var/mps/serverroot, admin passwords available upon application to [TRS]. /usr/sbin/directoryserver startconsole start the managery console thing. | = Current status = Sun LDAP server on manbo set up, DN is dc=ucc,dc=gu,dc=uwa,dc=edu,dc=au. |
Line 5: | Line 6: |
== To Do == | [[TableOfContents]] == Configuration Details == Server root is /var/mps/serverroot, admin passwords available upon application to [TRS]. /usr/sbin/directoryserver startconsole start the managery console thing. Referrals to UWA: dc=uwa,dc=edu,dc=au goes to ldap://directory.uwa.edu.au:389/o=The%20University%20of%20Western%20Australia = To Do = |
Line 14: | Line 23: |
* referral to UWA contact directory - what DN? | |
Line 16: | Line 24: |
== User objectClasses == | = User objectClasses = |
Line 26: | Line 34: |
== Useful URLs == http://lists.samba.org/archive/samba/2005-March/101579.html [[BR]] http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html [[BR]] http://samba.org/samba/docs/man/Samba-Guide/happy.html [[BR]] http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html == Client configuration == |
= Client configuration = |
Line 39: | Line 41: |
= Useful URLs = http://lists.samba.org/archive/samba/2005-March/101579.html [[BR]] http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html [[BR]] http://samba.org/samba/docs/man/Samba-Guide/happy.html [[BR]] http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html |
This page is for working out the migration of UCC authentication to LDAP.
Current status
Sun LDAP server on manbo set up, DN is dc=ucc,dc=gu,dc=uwa,dc=edu,dc=au.
Configuration Details
Server root is /var/mps/serverroot, admin passwords available upon application to [TRS]. /usr/sbin/directoryserver startconsole start the managery console thing.
Referrals to UWA: dc=uwa,dc=edu,dc=au goes to ldap://directory.uwa.edu.au:389/o=The%20University%20of%20Western%20Australia
To Do
- initialize OU entries
- load user data from nis and samba
- New user creation script, run on manbo?, can use either:
[http://cpu.sourceforge.net/ cpu] and smbpasswd
- smbldap-tools.
- SSL - our own CA or pay for a cert?
- Replication?
Bonus crack - user address book, see (minimally functional) demo at http://mussel.ucc.asn.au/contagged-0.5
User objectClasses
- Structural
- inetOrgPerson
- Auxiliary
- sambaSamAccount
- shadowAccount
Attribute Abuse
Stick dovecot mail_location in preferredDeliveryMethod
Client configuration
- libnss-ldap
- nss_base_passwd ou=People,dc=ucc,dc=gu,dc=uwa,dc=edu,dc=au
- and for hosts with samba: nss_base_passwd ou=Computers,dc=ucc,dc=gu,dc=uwa,dc=edu,dc=au
- libpam-ldap
morwong will only accept {crypt} passwords. Maybe make ignore this and just make morwong ssh-key only?
Useful URLs
http://lists.samba.org/archive/samba/2005-March/101579.html BR http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html BR http://samba.org/samba/docs/man/Samba-Guide/happy.html BR http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html