[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Novice problem
- To: openldap-technical@openldap.org
- Subject: Re: Novice problem
- From: Christopher Wood <christopher_wood@pobox.com>
- Date: Mon, 06 Jun 2011 08:49:18 -0400
- Dkim-signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=message-id :date:from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; s=sasl; bh=e8HWwyCt9v9j wzVjITzLbmVYn7E=; b=ldr2b1sCyj3VAnJL4J8fB48/Qrj6XtxvyHxq/JCGRVyS TMnFob8okgMl8J3zKp+Rkba0XYWl3rl5N2Kt0QYTihBIwYnmk0GADXdWR4eNtKHs MjWu7chpDwX0EObg2k5lTY0e3QRoqH/ARbOluh9WRhgccODUTR2WUPRvM8DedDs=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=pobox.com; h=message-id:date :from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; q=dns; s=sasl; b=KViJre wl6nfwiucQBSayC81W5nVH7m5xU4DoQmrnJLPekX5Tu3brYngf45LFQE74zJo9fm 16gExzA3IBlCjMVNGfVatnmx0nT38vweacaqglGpJvtMmqmOgx4+soMJNomNSnb1 vY4Rh9LVC1MBgicZjn8oXja6HznQnaYBuJUyQ=
- In-reply-to: <BANLkTi==Cds6qZ45_3qNYO2uqNNQoJejCA@mail.gmail.com>
- References: <BANLkTikGV50s25Du5XmPhmo3ao6KGW48vQ@mail.gmail.com> <4DE96926.5020802@pobox.com> <BANLkTi==Cds6qZ45_3qNYO2uqNNQoJejCA@mail.gmail.com>
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.16) Gecko/20110506 Icedove/3.0.11
inline
On 06/06/11 05:01 AM, Aurélien Lafranchise wrote:
Hi,
Inline
Aurélien Lafranchise | Consultant
Tél. : +33 (0)1 75 43 55 12 | Fax : +33 (0)1 75 43 55 11
www.snype-consulting.com <http://www.snype-consulting.com/>
2011/6/4 Christopher Wood <christopher_wood@pobox.com
<mailto:christopher_wood@pobox.com>>
Inline.
On 01/06/11 05:46 AM, Aurélien Lafranchise wrote:
Hi all,
I am a very novice (less than a week) with OpenLDAP and I have some
basics problems.
First, I have the 2.4.25 version and I downloaded the Admin
Guide as a
documentation.
I understood that the way to configure the server change from
slapd.conf
to cn=config and this change is not clear by reading the
documention.
My question is simple, how to create my own DIT without
interfering with
the default configuration ?
I took the (quick, lazy) path of making a slapd.conf and using
slaptest to convert to the cn=config format. The slapd.conf was
basic enough to have database locations and indexing, and I added
replication later via ldapmodifies to cn=config.
It also helped that I could look at the entries under cn=config and
compare them to my slapd.conf.
Ok, thanks it is not the best but very efficient !
I'm still learning myself, so I figured that the provided tools will be
better than me at making cn=config setups.
The end goal of this server is to have a radius server
interrogating the
LDAP one to deliver IP address to a GGSN (GPRS équipement).
So far I've found that the configuration with the fewest points of
failure is when the ldap directory is on the same host as the radius
daemon. Also, perhaps look into the FreeRADIUS schema for OpenLDAP
as a convenient way to get started storing your radius information
in the directory.
Why do you have a problem by having freeradius and openldap on the same
server ?
I meant that the configuration with the least problems was when they
were on the same server. I've tried the (radius -> firewall -> load
balancer -> ldap) configuration before and at times it wasn't the best
it could be.
I found the freeradius schema and I have to modify it so it take more time.
Do you have an idea about what is a collective attribute ?
I have no idea, but the IETF has all the RFCs:
http://www.ietf.org/rfc/rfc3671.txt
Thanks for the help provided.
Aurélien Lafranchise | Consultant
Tél. : +33 (0)1 75 43 55 12 | Fax : +33 (0)1 75 43 55 11
www.snype-consulting.com <http://www.snype-consulting.com>
<http://www.snype-consulting.com/>