Mastering OpenLDAP: Configuring, Securing and Integrating Directory Services
eBook:
$29.99
Formats:
Formats:
$16.49
save 45%!
Print book:
$49.99
$44.99
save 10%!
Print + eBook bundle:
$79.98
Includes free access to the book on PacktLib
Includes free access to the book on PacktLib
$49.49
save 38%!
Free Shipping! UK, US, Europe and selected countries in Asia.
| This book can also be purchased from: |  |
- Up-to-date with the latest OpenLDAP release
- Installing and configuring the OpenLDAP server
- Synchronizing multiple OpenLDAP servers over the network
- Creating custom LDAP schemas to model your own information
- Integrating OpenLDAP with web applications
Book Details
Language : EnglishPaperback : 484 pages [ 235mm x 191mm ]
Release Date : August 2007
ISBN : 1847191029
ISBN 13 : 978-1-847191-02-1
Author(s) : Matt Butcher
Topics and Technologies : All Books, Architecture & Analysis, Linux Servers, Open Source
Table of Contents
Preface
Chapter 1: Directory Servers and LDAP
Chapter 2: Installation and Configuration
Chapter 3: Using OpenLDAP
Chapter 4: Securing OpenLDAP
Chapter 5: Advanced Configuration
Chapter 6: LDAP Schemas
Chapter 7: Multiple Directories
Chapter 8: LDAP and the Web
Appendix A: Building OpenLDAP from Source
Appendix B: LDAP URLs
Appendix C: Useful LDAP Commands
Index
Matt Butcher
Sorry, we don't have any reviews for this title yet.
Sample chapters
You can view our sample chapters and prefaces of this title on PacktLib or download sample chapters in PDF format.
Find your book in our support section to find errata and to download code samples.
- Installing binary OpenLDAP packages and building from source
- Configuring and verifying the LDAP server
- Building an initial directory tree in an LDIF file
- Loading, modifying, and searching directory records
- Setting passwords and authenticating against the directory
- Configuring Access Control Lists (ACLs)
- Configuring multiple database back ends
- Securing network-based directory connections with SSL and TLS
- Advanced configurations and performance tuning settings
- Creating and implementing LDAP schemas
- Creating custom schemas and sophisticated ACLs
- Using OpenLDAP as a proxy for other LDAP servers
- Adding caching with the Proxy Cache overlay
- Using the transparency overlay to create a hybrid cache
- Installing and configuring a web-base LDAP administration suite
- Keeping multiple directory servers synchronized with SyncRepl
- Using OpenLDAP for Apache authentication
Chapter 1 constitutes the first section. In it we look at general concepts of directory servers and LDAP, cover the history of LDAP and the lineage of the OpenLDAP server, and finish up with a technical overview of OpenLDAP.
The second section (comprising Chapters 2-7) focuses on building directory services with OpenLDAP. In this section, we take a close look at the OpenLDAP server. We begin in Chapter 2 with the process of installing OpenLDAP on a GNU/Linux server. Once we have the server installed, we do the basic post-installation configuration necessary to have the server running.
In Chapter 3, we cover basic use of the OpenLDAP server. We use the OpenLDAP command-line tools to add records to our new directory, search the directory, and modify records. This chapter introduces many of the key concepts involved in working with LDAP data.
Chapter 4 covers security, including handling authentication to the directory, configuring Access Control Lists (ACLs), and securing network-based directory connections with Secure Sockets Layer (SSL) and Transport Layer Security (TLS).
In Chapter 5, we look at advanced configuration of the OpenLDAP server. Here, we take a close look at the various back-end database options and also look at performance tuning settings, as well as the recently introduced technology of directory overlays.
The focus of Chapter 6 is extending the directory structure by creating and implementing LDAP schemas. Schemas provide a procedure for defining new attributes and structures to extend the directory and provide records tailor-made to your needs.
Chapter 7 focuses on directory replication and different ways of getting directory servers to interoperate over a network. OpenLDAP can replicate its directory contents from a master server to any number of subordinate servers. In this chapter, we set up a replication process between two servers.
In the third section of the book, we look at how OpenLDAP is integrated with other applications and services on the network. In Chapter 8, we look at configuring other tools to interoperate with OpenLDAP. We begin with the Apache Web server, using LDAP as a source of authentication and authorization. Next, we install phpLDAPadmin, a web-based program for managing directory servers. Then we look at the main features, and do some custom tuning.
The appendices include a step-by-step guide to building OpenLDAP from source (Appendix A), a guide to using LDAP URLs (Appendix B), and a compendium of useful LDAP client commands (Appendix C).
Annual subscription:
$220.00 per annum
Monthly subscription:
$21.99 per month
|
|||||||||||||
This book is the ideal introduction to using OpenLDAP for Application Developers and will also benefit System Administrators running OpenLDAP. It prepares the reader to build a directory using OpenLDAP, and then employ this directory in the context of the network, taking a practical approach that emphasizes how to get things done. On occasion, it delves into theoretical aspects of LDAP, but only where understanding the theory helps to answer practical questions. The reader requires no knowledge of OpenLDAP, but even readers already familiar with the technology will find new things and techniques.
This book is organized into three major sections: the first section covers the basics of LDAP directory services and the OpenLDAP server; the second focuses on building directory services with OpenLDAP; in the third section of the book, we look at how OpenLDAP is integrated with other applications and services on the network. This book not only demystifies OpenLDAP, but gives System Administrators and Application Developers a solid understanding of how to make use of OpenLDAP's directory services.
The OpenLDAP directory server is a mature product that has been around (in one form or another) since 1995. It is an open-source server that provides network clients with directory services. All major Linux distributions include the OpenLDAP server, and many major applications, both open-source and proprietary, are directory aware and can make use of the services provided by OpenLDAP.
The OpenLDAP directory server can be used to store organizational information in a centralized location, and make this information available to authorized applications. Client applications connect to OpenLDAP using the Lightweight Directory Access Protocol (LDAP) and can then search the directory and (if they have appropriate access) modify and manipulate records.
LDAP servers are most frequently used to provide network-based authentication services for users; but there are many other uses for an LDAP server, including using the directory as an address book, a DNS database, an organizational tool, or even as a network object store for applications.
This book has been written from the application developer's perspective, tackling the topics that will be most important to helping the application developer understand OpenLDAP, and get it set up as securely and quickly as possible. It shows how OpenLDAP interoperates with other UNIX/Linux services (DNS, NIS, Samba, etc.).
The target audience will require basic Linux system administration knowledge, but no prior knowledge of LDAP or OpenLDAP is assumed. If you are web savvy and are interested in using OpenLDAP for web applications and services like client interaction then this is the book for you.
If this isn't the right book for you, take a look at some of our other offerings below.
-
- Understand and configure PAM
- Develop PAM-aware applications and your own PAMs using the API and C
- How to authenticate users in Active Directory, mount encrypted home directories, load SSH keys automatically, and restrict web and rsh services
-
- Implementing Packet filtering, NAT, bandwidth shaping, packet prioritization using netfilter/iptables, iproute2, Class Based Queuing (CBQ) and Hierarchical Token Bucket (HTB)
- Designing and implementing 5 real-world firewalls and QoS scenarios ranging from small SOHO offices to a large scale ISP network that spans many cities
- Building intelligent networks by marking, queuing, and prioritizing different types of traffic
-
- Secure and monitor your network system with open-source Nagios version 3
- Set up, configure, and manage the latest version of Nagios
- In-depth coverage for both beginners and advanced users
-
- Learn how to install, configure, and create tunnels with OpenVPN on Linux, Windows, and MacOSX
- Use OpenVPN with DHCP, routers, firewall, and HTTP proxy servers
- Advanced management of security certificates
-
- All the information you need to easily set up your own Linux email server
- Shows how to provide web access to email, virus and spam protection, and more
- Techniques to backup and protect your data
- Applications used include PostFix, Courier, SquirrelMail, SpamAssassin, ProcMail, and ClamAV
-
- A practical guide to using OpenVPN for building both basic and complex Virtual Private Networks (VPNs)
- Learn how to make use of OpenVPNs modules, high-end-encryption and how to combine it with servers for your individual privacy
- Advanced management of security certificates
- Get to know the new features of the forthcoming version 2.1 of OpenVPN
-
- How best to collect, name, group, and structure your data
- Design your data with future growth in mind
- Practical examples from initial ideas to final designs
- The quickest way to learn how to design good data structures for MySQL
- From the author of Mastering phpMyAdmin
-
- Create, install, and use Vim scripts
- Personalize your work-area
- Optimize your Vim editor to be faster and more responsive
