Upgrading my OpenLDAP BDB Backend for Suse 10.3
When I upgraded from OpenSuse 10.2 to OpenSuse 10.3 I should have backed up my LDAP database as LDIF before I started. I didn't do that of course but I thought maybe I could just copy the database over and tweak the config file in /etc/openldap/slapd.conf. The OpenLDAP server, slapd, can be configured to use a few different backends for storage. The most common seems to be a Berkeley Database. On my installation the database resides in /var/lib/ldap. There are a bunch of files there, it looks like a couple log files, a DB_CONFIG file and several database files (they have the extension .bdb). I don't have exact step-by-step directions for how I fixed it but I'll go over the highlights of what worked for me.
No AuthType Digest with LDAP Authentication Provider for Apache today


Now that I've got an LDAP server up and running I'm trying to get my personal web server set up so it has a blanket authentication for my personal applications, static content and development stuff. The web applications I'm talking about aren't meant to be exposed to the public at large, they're not what you find here on Late Night PC Service or any of my other sites. These are things like PHP Calendar, Task Freak, SugarCRM, a bunch of development versions of apps I'm working on and some static content that might be a single html file or an image. I currently have a server that's accessible through DynDNS and I use basic HTTP authentication on it. The server runs Apache HTTPD 2.2 and has whatever modules I want on it. My next server is roughly the same but I want to make things a little more secure and a little simpler (at the same time no less). So my idea was to move to LDAP as the Authentication Provider and Digest as the Authentication Type.
My LDAP Tree So Far
It took a lot of digging to figure out how I should approach choosing a good LDAP directory layout for my house but Michael Donnelly seems to have an answer I like. I created Organizational Units to hold all the people and all the computers. I want to have a few canonical OUs that hold the base records for each of these things then have other OUs that reference them and group by access. I don't know that I have it all figured out right just yet, but phpLDAPadmin makes it simple to move things around. Just make sure to hit the "Purge caches" link if you move stuff on one computer then view it on another.
A Little LDAP Progress


I'm trying to move forward with the plan I outlined the other day. In short I want to use LDAP to simplify my home network of five computers and six users. I haven't got as far as setting up a login yet but I have got the LDAP server running on one of the computers (named copper) that's running OpenSuse 10.2. Today I just want to talk about the steps I've taken to experiment at getting something going. I'm learning this as I go and these are just notes to help remember how I got to where I am. If they help you too then that's great.
Planning for OpenLDAP at Home
A lot's been going on at home lately, Candace and her brood are coming to live with me and my daughter. We're doing piles of construction in the basement to get bedrooms built. We're all excited and working hard to get stuff done this summer. More importantly though, it is now normal for there to be five computers in my living room (none of which are really meant for my use any more, but that's beside the point). Any of six residents can be in the house at any given time. There are also cases where we might log in remotely: for email, SSH access or a couple other web applications that I run on one of the machines like a wiki and calendar. Then there's Asterisk, which I haven't had up lately but desperately want to get back online.

Background - Many to Many Too Many

Obviously we need to have some common file storage locations and control for access to those locations. So I've decided to look more seriously into setting up LDAP. Currently one of the machines dual boots Windows XP and OpenSuse 10.2. Another one (that I use for a Myth TV front end) runs OpenSuse 10.1. My desktop is full-time OpenSuse 10.2 for now, though I might be pressed to also install Windows Vista soon (resisting with all my might). Let's see... that leaves the two laptops. They run Windows XP. Oh, I almost forgot about the old DOS box I put in the garage to run the CNC. I'll not worry about it for the moment.
Syndicate content