Directory Services 101: Securing your LDAP server

This post is part of a series on directory services. Current available installments are: Introduction, Terminology, Basic concepts, Designing the DIT, Setting up an LDAP server, Securing your LDAP server, Writing and testing ACLs.

Now that we have a directory service up and running, it’s important we talk a bit about some security aspects. The configuration that was generated sets up the LDAP server in such a way that anonymous access is not allowed.


Directory Services 101: Setting up an LDAP server

I consider setting up a Directory Service a pretty big pain in the ass, especially OpenLDAP. Microsoft fares much better with Active Directory which is also much more easily configured for folks less familiar with directory services in general.


Directory Services 101: Writing and testing ACLs

ACLs, access control lists, are an important aspect of running a directory service. ACLs are how you control who can access which parts of the DIT and what things they can do. You can limit certain things like which attributes one can read or write.


Directory Services 101: Designing the DIT

I apologise for the long delay between posts. Life took over for a while and I never got around to writing the rest of it. Sitting down and thinking a bit about the DIT upfront can save you endless hours of frustration later on.


Directory Services 101: The basics

Directory Services are fundamentally pretty simple. All information they contain is stored in a hierarchical tree structure, called the DIT. Within the DIT entries can be nested into or beneath each other, creating this tree-like structure.


Directory Services 101: Introduction

In this series of posts I want to talk about directory services. A directory allows you to model things like people, computers, groups and their relationships in a central database. This service can then be used for authenticating users, managing group memberships and a whole lot more. In many small environments people avoid the perceived complexity of directory services in favour of manually managing and provisioning groups and users in systems. Though this can work really well, even on a small scale this can get annoying.


Directory Services 101: Terminology

Directory services come with a lot of terminology, and part of that lingo is what makes things difficult to understand for someone who hasn’t heard any of it before. Below is a list of common terms you might run into in documentation and the rest of these posts, and hopefully a simple enough explanation of what they mean.
