LDAP
Prepared by,
P.Shanmugapriya,
AP,
KEC
• Lightweight Directory Access Protocol (LDAP)
• The Lightweight Directory Access Protocol (LDAP) is actually a set of open protocols used to access and modify
centrally stored information over a network.
• LDAP Directory
• Just as in the popular Domain Name System (DNS), the directory entries in LDAP are arranged in a hierarchical
tree structure. The hierarchical tree structure of LDAP is known formally as the directory information tree (DIT).
The top of the directory hierarchy has a root element. The complete path to any node in the tree structure,
which uniquely identifies it, is known as the distinguished name (DN) of the node or object.
• For example, suppose a company named Example, Inc., decides to structure its directory tree using a domain-
based naming structure. This company has different subdivisions (OUs), such as the Engineering department,
the Sales department, and the R&D department.
• Client/Server Model
• A typical interaction between the client and the server goes like this:
• 1. An LDAP client application connects to an LDAP server. This process is also referred to as “binding to a
server.”
• 2. Based on the access restrictions configured on the server, the LDAP server either accepts or refuses the
bind/connection request.
• 3. Assuming the server accepts, the client has the choice of querying the directory server, browsing the
information stored on the server, or attempting to modify/update the information on the LDAP server.
• 4. Again, based on access restrictions, the server can allow or deny any of the operations attempted by the
client. In the event that the server cannot answer a request, it may forward or refer the client to another
upstream LDAP server that may have a more authoritative response to the request.
• Uses of LDAP
• LDAP can serve as a complete identity management solution for an organization.
• The information stored in DNS records can be stored in LDAP.
• LDAP can be used to provide “yellow pages” services for an organization.
• Mail routing information can be stored in LDAP.
• LDAP Terminology
• Entry (or object)
• Attributes
• objectClass
• Schema
• LDIF This stands for LDAP Data Interchange Format.
• OpenLDAP
• OpenLDAP is the open source implementation of LDAP that runs on Linux/UNIX systems. OpenLDAP is a suite
of programs, made up of slapd, slurpd, various utilities, and libraries, that implements the LDAP protocol
along with various client- and server-side utilities.
• slapd This is a stand-alone LDAP daemon that listens for LDAP connections from clients and responds to the
LDAP operations it receives over those connections.
• slurpd This is a stand-alone LDAP replication daemon that is used to propagate changes from one slapd
database to another. This daemon is used for synchronizing changes from one LDAP server to another. It is
needed only when more than one LDAP server is in use.
• Installing OpenLDAP
• To get the OpenLDAP server and client components up and running, these packages are required on Fedora,
RHEL, and CentOS systems:
• openldap-2*.rpm Provides the configuration files and libraries for OpenLDAP.
• openldap-clients*.rpm Provides the client programs needed for accessing and modifying OpenLDAP
directories.
• openldap-servers*.rpm Provides the servers (slapd, slurpd) and other utilities necessary to configure and run
LDAP.
• The steps are:
• 1. While logged in as root, first confirm which of the packages you already have installed by querying the RPM
database:
• [root@fedora-server ~]# rpm -qa | grep -i openldap
• 2. Our sample system already has the basic openldap libraries in place, so we will go ahead and install the
OpenLDAP client and server packages using dnf:
• [root@fedora-server ~]# dnf -y install openldap-servers openldap-clients
• 3. Once the installation completes successfully, you can go on to the configuration section.
• Configuring OpenLDAP
• Configuring slapd
• The slapd.conf file is the configuration file for the slapd daemon. On Fedora and other Red Hat–like distros, the full
path to the file is /etc/openldap/slapd.conf.
• 1. While logged into the system as root, change to OpenLDAP’s working directory:
• [root@fedora-server ~]# cd /etc/openldap/
• 2. Make a backup of any existing slapd.conf file by renaming it (so that you can always revert to it in case of
mistakes):
• [root@fedora-server openldap]# mv slapd.conf slapd.conf.original
• 3. Empty out any existing files and directories under the /etc/openldap/slapd.d/ directory:
• [root@fedora-server openldap]# rm -rf slapd.d/*
• 4. Use any text editor to create a new /etc/openldap/slapd.conf file.
• 5. Save your changes to the file and exit the editor.
• 6. Use the slaptest command to convert the slapd.conf file that you created earlier into the new openldap
configuration format:
• [root@fedora-server openldap]# slaptest -f /etc/openldap/slapd.conf  -F /etc/openldap/slapd.d
• 7. The resulting slapd daemon’s configuration should be owned by the system user named ldap. Use the chown and
chmod commands to ensure that the configuration files have the correct ownership and permissions.
• Starting and Stopping slapd
• After setting up slapd’s configuration file, our next step will be to start the daemon.
• Starting it on a Fedora system is easy. But first, we’ll use the systemctl command to check the status of the
daemon:
• [root@fedora-server ~]# systemctl status slapd
• If the output of the previous command shows that the daemon is not currently running, start it with this
command:
• [root@fedora-server ~]# systemctl start slapd
• And if you find that the LDAP service is already running, you can instead issue the systemctl command with
the restart option, like so:
• [root@fedora-server ~]# systemctl restart slapd
• Configuring OpenLDAP Clients
• The notion of clients takes some getting used to in the LDAP world. Almost any system resource or process
can be an LDAP client. And, fortunately or unfortunately, each group of clients has its own specific
configuration files.
• The configuration files for OpenLDAP clients are generally named ldap.conf, but they are stored in different
directories, depending on the particular client in question.
• Two common locations for the OpenLDAP client configuration files are the /etc/openldap/ directory and the
/etc/ directory.
• The client applications that use the OpenLDAP libraries (provided by the openldap*.rpm package)—programs
such as ldapadd, ldapsearch, Sendmail, and Evolution—consult the /etc/openldap/ldap.conf file, if it exists.
• The nss_ldap libraries instead use the /etc/ldap.conf file as the configuration file.
• Open the /etc/openldap/ldap.conf file in any text editor, and change (or create it if it doesn’t exist) this line in the listing,
• # BASE dc=example,dc=com
• to look like this:
• BASE dc=example,dc=org
• Creating Directory Entries
• The LDAP Data Interchange Format (LDIF) is used to represent entries in an LDAP directory in textual form. As
stated earlier, data in LDAP is presented and exchanged in this format. The data in an LDIF file can be used to
manipulate, add, remove, and change the information stored in the LDAP directory.
• The LDIF file is slightly strict in its format. You should keep these points in mind:
• Multiple entries within the same LDIF file are separated by blank lines.
• Entries that begin with the pound sign (#) are regarded as comments and are ignored.
• An entry that spans more than one line can be continued on the next line by starting the next line with a single
space or tab character.
• The space following the colon (:) is important for each entry.
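
The format rules above, as an added example that is not part of the original slides: a small LDIF checker that applies the blank-line, comment, continuation and colon-space rules. It goes a little further than the slides by decoding base64 (`::`) values and by checking that each entry's parent DN appears earlier in the file, since an entry can only be added under a node that already exists in the DIT. The sample entries and all function names are constructed for illustration.

```python
import base64

# Constructed sample (not from the slides): Example, Inc. root plus two OUs.
SAMPLE_LDIF = """\
# Root of the DIT for Example, Inc.
dn: dc=example,dc=org
objectClass: dcObject
objectClass: organization
dc: example
o: Example, Inc.

dn: ou=Engineering,dc=example,dc=org
objectClass: organizationalUnit
ou: Engineering
description: Designs and builds
  the products

dn: ou=Sales,dc=example,dc=org
objectClass: organizationalUnit
ou: Sales
description:: U2VsbHMgdGhlIHByb2R1Y3Rz
"""


def unfold(text):
    """Drop comments and join continuation lines; return [[lineno, line], ...]."""
    logical, in_comment = [], False
    for no, raw in enumerate(text.splitlines(), 1):
        if raw[:1] in (" ", "\t"):
            if in_comment:
                continue                      # continuation of a comment
            if logical and logical[-1][1]:
                logical[-1][1] += raw[1:]     # strip exactly one leading char
                continue
        in_comment = raw.startswith("#")
        if not in_comment:
            logical.append([no, raw])
    return logical


def parse_ldif(text):
    """Return (entries, problems); each entry maps lowercased attr -> [values]."""
    entries, problems, current = [], [], None
    for no, line in unfold(text) + [[None, ""]]:   # sentinel closes last entry
        if line == "":                             # blank line ends an entry
            if current is not None:
                entries.append(current)
                current = None
            continue
        name, sep, rest = line.partition(":")
        if not sep or not name or name[0] in " \t":
            problems.append(f"line {no}: not an 'attribute: value' line")
            continue
        if rest.startswith(":"):                   # 'attr:: <base64>'
            try:
                value = base64.b64decode(rest[1:].strip(), validate=True).decode("utf-8")
            except ValueError:
                problems.append(f"line {no}: bad base64 value for '{name}'")
                continue
        else:
            if rest and not rest.startswith(" "):  # the slide's colon-space rule
                problems.append(f"line {no}: no space after the colon in '{name}'")
            value = rest.strip()
        if current is None:
            if name.lower() != "dn":
                problems.append(f"line {no}: entry does not start with dn:")
            current = {}
        current.setdefault(name.lower(), []).append(value)
    return entries, problems


def parent_dn(dn):
    """Everything after the first unescaped comma, i.e. the parent node's DN."""
    i = 0
    while i < len(dn):
        if dn[i] == "\\":
            i += 2
            continue
        if dn[i] == ",":
            return dn[i + 1:].strip()
        i += 1
    return ""


def missing_parents(entries, suffix, existing=()):
    """DNs whose parent is not in `existing` and not earlier in the file.
    Uses a plain case-insensitive string match, not full DN normalization."""
    seen, missing = {d.lower() for d in existing}, []
    for entry in entries:
        dn = entry.get("dn", [""])[0]
        if dn.lower() != suffix.lower() and parent_dn(dn).lower() not in seen:
            missing.append(dn)
        seen.add(dn.lower())
    return missing


if __name__ == "__main__":
    parsed, issues = parse_ldif(SAMPLE_LDIF)
    print(len(parsed), "entries;", issues or "no format problems")
    print("missing parents:", missing_parents(parsed, "dc=example,dc=org"))
```

Running such a check before loading a file with ldapadd catches ordering and formatting mistakes while the directory is still untouched.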
