[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Slapd.conf - how to configure ldap
In a message dated: Mon, 23 Jun 2003 17:52:46 +0200 Cesbron said:
>What is the difference between this two lines :
>suffix "dc=sante, dc=ux, dc=fr"
>suffix "o=sante, c=fr"
>
>Can I have this two lines in the same slapd.conf file ?
>Must I have the same dc and o ?
One is using 'Domain Component' notation, the other is using
organizational and geographic notation. AFAIK, you can only use one
suffix per database, but check the docs, as I'm not positive about
this. Most sites seem to use the Domain Component notation, since
their Internet domain name is unique in the world. However, this can
also be problematic in large organizations where there may well be
more than one LDAP environment and different groups responsible for
them.
Should this be the case, it might make more sense to use the
geographic notation, though it's often longer. In my particular
case, I opted for the geographic, since my division of the company is
actually geographically dispersed between the U.S. and Europe.
>Can anyone help me to get a correct (basic) slapd.conf using the following
>domain = sante.univ.fr
>organisation = fac
I would do something like:
suffix "dc=sante,dc=univ,dc=fr"
What is 'fac' supposed to be?
>manager (rootdn) = Manager
>rootpw (define using slappasswd)
>
>if rootpw secretd does this means that manager is stored in the
>database with its password ?
No, the rootpw is actually stored in the slapd.conf file. It can be
encrypted or in plaintext. Encrypted is obviously preferable for a
site which is concerned about security, but plain text is sometimes
easier to work with during the development/testing phases of a
project.
My production environment has the password encrypted, while my test
environment has the password in plaintext.
I would recommend spending some time with the OpenLDAP documentation
and reading the various man pages. There's a lot of good information
there!
HTH,
--
Seeya,
Paul
--
Key fingerprint = 1660 FECC 5D21 D286 F853 E808 BB07 9239 53F1 28EE
It may look like I'm just sitting here doing nothing,
but I'm really actively waiting for all my problems to go away.
If you're not having fun, you're not doing it right!