In this series of posts I want to talk about directory services. The directory allow you to model things like people, computers, groups and their relationships in a central database. This service can then be used for authenticating users, managing group memberships and a whole lot more.
In many small environments people avoid the perceived complexity of directory services over manually managing and provisioning groups and users in systems. Though this can work really well, even on a small scale this can get annoying. Helpfully a lot of software can integrate with directory services but it does require actually being able to operate such a service. Though this is not an inherently complicated thing to do, the lingo, the lackluster documentation and a general belief that this is only for “big corporate” makes people shy away from directory services.
In this series of posts I hope to be able to teach you the basics of directory services. This will include things like terminology you’ll run into, the basic concepts, some architectural advice, setting up an OpenLDAP server and how to configure it paired with some practical recommendations. Hopefully at the end of this you’ll be able to run a directory service even for a small environment like at home, a lab setting or a small startup while reaping its benefits.
This series is, or will be, made up of the following posts: