openldap
play

OpenLDAP Developer Conference 2011 PRESENTED BY: Jan Velk Red Hat - PowerPoint PPT Presentation

Apr 17, 2023 •220 likes •381 views

OpenLDAP Developer Conference 2011 PRESENTED BY: Jan Velk Red Hat Attribution-ShareAlike 3.0 Unported (CC BY-SA 3.0) http://creativecommons.org/licenses/by-sa/3.0/ topics what is LDAP database structure difference from other

  1. OpenLDAP Developer Conference 2011 PRESENTED BY: Jan Včelák Red Hat Attribution-ShareAlike 3.0 Unported (CC BY-SA 3.0) http://creativecommons.org/licenses/by-sa/3.0/

  2. topics ● what is LDAP ● database structure ● difference from other Dbs ● server architecture ● data distrubution ● configuration

  3. LDAP ● Lightweight Directory Access Protocol ● X.500 (DAP, DSP, DISP, DOP) ● address book ● user management ● authentication (password, SSH key, ...) ● central configuration (DNS, DHCP, autofs, ...) ● authentication backend (Kerberos, Radius, ...) ● ....

  4. Directory Information Tree dc=example,dc=com l=Brno l=New York ou=Development ou=Accounting ou=Sales cn=Jan Novák cn=John Doe

  5. entries ● DN (Distinguish Name) ● RDN (Relative Distinguish Name) cn=John Doe ,ou=Sales, l=New York,dc=example,dc=com

  6. LDIF dn: uid=jdoe,dc=example,dc=com objectClass: top objectClass: person objectClass: inetOrgPerson cn: John Doe sn: Doe uid: fbar givenName: John userPassword: secret departmentNumber: 2220 mobile: +1 213 151-5816 mail: fbar@example.com usercertificate;binary:: MIIBvjCCASegAwIBAgIBAjANBgkqhki G9w0BAQQFADAnMQ8wDQYDVQQDEwZjb25maWcxFDASBgNVBAMTC01NUi BDQSBDZXJ0MB4XDTAxMDQwNTE1NTEwNloXDTExMDcw...

  7. schema – classes objectclass ( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' DESC 'RFC2798: Internet Organizational Person' SUP organizationalPerson STRUCTURAL MAY ( audio $ businessCategory $ carLicense $ departmentNumber $ displayName $ employeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddress $ initials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $ photo $ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $ preferredLanguage $ userSMIMECertificate $ userPKCS12 ) )

  8. schema – attributes attributetype ( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' DESC 'RFC2798: preferred written or spoken language for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )

  9. difference from other DBs ● data organization ● data operations ● referential integrity ● transactions ● distribution by design ● schema

  10. OpenLDAP server architecture request overlays LDAP operations backends storage

  11. available modules accesslog dyngroup rwm auditlog dynlist seqmod back_sql memberof smbk5pwd chain pbind sssvlv collect pcache syncprov constraint ppolicy translucent dds refint unique deref retcode valsort

  12. data distribution - referrals dc=example,dc=com l=Brno, l=New York, dc=example, dc=example, dc=com dc=com

  13. data distribution - replication l=Brno, l=Brno, dc=example, dc=example, dc=com dc=com ldap.brno.example.com ldap-backup.brno.example.com

  14. configuration ● cn=config ● since 2.3 ● LDIF backend - /etc/openldap/slapd.d ● on-the-fly modification ● man slapd-config ● /etc/openldap/slapd.conf ● works – but please, do not use ● man slapd.conf

  15. Questions? CONT ACT: jvcelak@redhat.com Attribution-ShareAlike 3.0 Unported (CC BY-SA 3.0) http://creativecommons.org/licenses/by-sa/3.0/

Recommend

What's New in OpenLDAP Howard Chu CTO, Symas Corp / Chief Architect OpenLDAP FOSDEM'14 OpenLDAP

What's New in OpenLDAP Howard Chu CTO, Symas Corp / Chief Architect OpenLDAP FOSDEM'14 OpenLDAP

What's New in OpenLDAP Howard Chu CTO, Symas Corp / Chief Architect OpenLDAP FOSDEM'14 OpenLDAP Project Open source code project Founded 1998 Three core team members A dozen or so contributors Feature releases every 12-18

627 views • 42 slides
MDB: A Memory-Mapped Database and Backend for OpenLDAP Howard Chu CTO, Symas Corp.

MDB: A Memory-Mapped Database and Backend for OpenLDAP Howard Chu CTO, Symas Corp.

TM S Y M A S The LDAP guys. MDB: A Memory-Mapped Database and Backend for OpenLDAP Howard Chu CTO, Symas Corp. hyc@symas.com Chief Architect, OpenLDAP hyc@openldap.org TM S Y M A S The LDAP guys. OpenLDAP Project Open source

1.01k views • 63 slides
LDAP for MySQL Cluster back-ndb Howard Chu CTO, Symas Corp. hyc@symas.com Chief Architect,

LDAP for MySQL Cluster back-ndb Howard Chu CTO, Symas Corp. hyc@symas.com Chief Architect,

LDAP for MySQL Cluster back-ndb Howard Chu CTO, Symas Corp. hyc@symas.com Chief Architect, OpenLDAP hyc@openldap.org OpenLDAP Project Open source code project Founded 1998 Three core team members A dozen or so contributors

596 views • 34 slides
One Year Solving Infrastructure Management with FusionDirectory and OpenLDAP This work is

One Year Solving Infrastructure Management with FusionDirectory and OpenLDAP This work is

One Year Solving Infrastructure Management with FusionDirectory and OpenLDAP One Year Solving Infrastructure Management with FusionDirectory and OpenLDAP This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported

491 views • 21 slides
Certificate Retrieval from OpenLDAP The X.509 attribute Parsing Server (XPS)

Certificate Retrieval from OpenLDAP The X.509 attribute Parsing Server (XPS)

Certificate Retrieval from OpenLDAP The X.509 attribute Parsing Server (XPS) d.w.chadwick@salford.ac.uk The Problem PKI clients cannot search for specific X.509 attributes stored in LDAP directories, e.g. Find the encryption PKC for

667 views • 23 slides
Open Source IAM using Fortress and OpenLDAP LDAPCon October 11, 2011 Shawn.McKinney@ Agenda

Open Source IAM using Fortress and OpenLDAP LDAPCon October 11, 2011 Shawn.McKinney@ Agenda

Open Source IAM using Fortress and OpenLDAP LDAPCon October 11, 2011 Shawn.McKinney@ Agenda Product vision Project status Functional gaps covered Features and technologies Installation and usage demo Where to get more

564 views • 23 slides
Peddle the Pedal to the Metal Howard Chu CTO, Symas Corp. hyc@symas.com Chief Architect,

Peddle the Pedal to the Metal Howard Chu CTO, Symas Corp. hyc@symas.com Chief Architect,

Peddle the Pedal to the Metal Howard Chu CTO, Symas Corp. hyc@symas.com Chief Architect, OpenLDAP hyc@openldap.org 2019-03-05 Overview Context, philosophy, impact Profiling tools Obvious problems and effective solutions More

770 views • 47 slides
WiredTiger Backend for OpenLDAP Open Source Solution Technology Corporation Tsukasa Hamano

WiredTiger Backend for OpenLDAP Open Source Solution Technology Corporation Tsukasa Hamano

WiredTiger Backend for OpenLDAP Open Source Solution Technology Corporation Tsukasa Hamano <hamano@osstech.co.jp> LDAPCon 2015 Edinburgh November 2015 Open Source Solution Technology Corporation 1 WiredTiger Backend for OpenLDAP About

399 views • 23 slides
UNDERSTAND PASSWORD POLICY IN OPENLDAP AND DISCOVER TOOLS TO MANAGE IT Pass the SALT 2020 $

UNDERSTAND PASSWORD POLICY IN OPENLDAP AND DISCOVER TOOLS TO MANAGE IT Pass the SALT 2020 $

UNDERSTAND PASSWORD POLICY IN OPENLDAP AND DISCOVER TOOLS TO MANAGE IT Pass the SALT 2020 $ ldapwhoami LemonLDAP::NG LDAP Tool Box LDAP Synchronization Connector FusionIAM WSweet Clment OUDOT KPTN Identity Solutions Manager

508 views • 24 slides
Manage password policy in OpenLDAP Clment OUDOT coudot@linagora.com First time you see me?

Manage password policy in OpenLDAP Clment OUDOT coudot@linagora.com First time you see me?

Manage password policy in OpenLDAP Clment OUDOT coudot@linagora.com First time you see me? Let's introduce! LDAPcoholic since many years Fake developer, real hacker Let's begin with the password policy draft (Behera draft) A draft? Is it

476 views • 26 slides
LDAP LDAPv3, Internet Standard RFC4510 RFC 4510-4521 and about 40 others for extensions Many

LDAP LDAPv3, Internet Standard RFC4510 RFC 4510-4521 and about 40 others for extensions Many

What is LDAP Lightweight Directory Access Protocol Phonebook Based on X.500 DAP on OSI stack Developed in '93 @ UMich LDAP LDAPv3, Internet Standard RFC4510 RFC 4510-4521 and about 40 others for extensions Many implementations OpenLDAP

544 views • 6 slides
Binary compatibility on NetBSD Emmanuel Dreyfus, july 2014 About me Emmanuel Dreyfus

Binary compatibility on NetBSD Emmanuel Dreyfus, july 2014 About me Emmanuel Dreyfus

Binary compatibility on NetBSD Emmanuel Dreyfus, july 2014 About me Emmanuel Dreyfus <manu@netbsd.org> IT manager at ESPCI ParisTech as daylight job NetBSD contributor since 2001 Milter-greylist since 2006 OpenLDAP,

590 views • 22 slides

More recommend