Last month’s column introduced the basic principles of the Lightweight Directory Access Protocol (LDAP) and presented an outline of how it can be used as a network authentication tool. Using LDAP, you can configure one system (the LDAP server) to maintain a user directory for an arbitrary number of additional computers, which can greatly simplify user administration if your users must have access to a wide variety of computers — say, mail servers, FTP servers, and so on, or many different workstations.
If you read last month’s column and followed its procedures, you should now have a simple LDAP configuration. Two tasks remain before you’ll have a working LDAP network authentication tool, though: You must load your LDAP server with account information, and you must configure LDAP clients (some of which may be servers for other protocols) to use the LDAP server for their authentication needs. This column covers the first of these tasks; the second task appears in next month’s issue.
Reviewing Your Existing Configuration
Last month’s column described LDAP terminology, how to configure LDAP to hold Linux account information, how to enable security features, and how to start the LDAP server. If the details of what you did are a bit foggy, you might want to review last month’s column before proceeding.
Most of the procedures described this month don’t require that the LDAP server actually be running. However, the account maintenance procedures do require the LDAP server…