Fedora Directory Server
16 Aug 2008
So one of the things I need to set up at $JOB_2 is some kind of unified bag o' passwords…which, since I hate NIS, pretty much means LDAP. This is the first chance I've had to set up an LDAP system from scratch, rather than either being afraid to try or being stuck with (and, sadly, contributing to the further divergence of) a mishmash of semi-borked LDAP servers.
I've been trying out Fedora Directory Server the last few days, and so far I'm pretty happy with it. It's nice to have the luxury of learning what the hell I'm doing before it all goes live, of screwing up a bunch of times on a non-production system.
Likes: Welp, it's a lot like Sun's Directory Server…at least as far as the logging and console go, anyhow. Not surprising, given the heritage. You can automate installation by giving it a configuration file — something I didn't realize you could do with Sun's DS.
Other likes: PHPLDAPAdmin is nice. The latest version has E-Z-Reed XML templates for things like account creation, meaning I can keep my ignorance of Javascript intact. (Hurray!)
Minor irritants: there are a few. First off, there are no RPMs for CentOS 5 for the 1.1 series; you have to jump through some hoops to get the FC6 RPMs of 1.1 installed. I'd originally tried the 1.0 series on Debian, and hadn't realized that the 1.1 series does not include the org chart or E-Z-Account-Maker web app. (This is where y'all can go, "Muffin!")
Third, I'm so far not able to get the automated installation working…can't figure out why. Not terribly important, since $JOB_2 is small and likely to stay that way; a couple of servers is likely to be the max. But installation of this thing, just like with Sun DS, has lots of knobs that you can twiddle if you want, and part of the problem with the mishmash at $JOB_1 is that no one ever standardized the settings — never wrote down the answers to the questions, or scripted it, or came up with a config file, or anything. And it's hellish if you want to add another install to the mix.
Anyhow...so far it's cool. I've been playing with it on a machine at $JOB_2 plus an installation of CentOS 5 on my laptop. Still to learn: SSL, replication, and (maybe) multi-master replication.
(Incidentally, I'm surprised that there isn't a more recent version of O'Reilly's LDAP Administration by Gerald Carter. Yes, there's still OpenLDAP and I don't imagine it's changed very much (feel free to correct me), but something that included Fedora DS, and maybe (maybe) OpenDS would be good.)
(And speaking of Sun gossip, I've been meaning to mention this for a while…and now this.)