Category Archives: ldap,Openldap,Directory Structure

>Identity Propagation

Tweet> SASL (Simple Access Security Layer) Proxy is one of the identity propagation methods. SASL Proxy Authorization allows authenticated user to request that they can act on behalf on another user.Identity Propagation occurs once user get authenticated and get authenticated DN, like you can see in below output. +++++++++++++++++++++++++++++ SASL/GSSAPI authentication started SASL username: admin@LINUXMANTRA.LOCAL… Read More »

>LDAP SSL : Part 2

Tweet> In the last post, I discussed about accessing ldap server via socket. In this post I am going to configure SSL for ldap.Step1. Create  a self signed certificate using openssl command. The path of SSL certificate file will be /etc/pki/tls/certs/linuxmantra.crt and SSL key file will be  /etc/pki/tls/certs/linuxmantra.keyroot# openssl req -new -x509 -nodes -out /etc/pki/tls/certs/linuxmantra.crt… Read More »

>LDAP SSL : Part 1

Tweet> In the series of openldap implementation on CentOS6, In next post I am going to discuss ldap TLS (ssl) configuration.  LDAP data communication over TLS will be safe and encrypted. Encrypted data can’t be decoded even though get intercept by network sniffer tools such as Wireshark or tcpdump. Before going in the implementation part… Read More »

>samba ldap setup

Tweet> Below questions encountered by most of the Linux adminIs there any options in Linux to implement windows Active Directory concept? The answer is yes, You can implement windows AD logic on Linux servers. Suppose as a linux admin, you get the task to migrate windows Active Directory server to Linux platform.  Windows AD is… Read More »

>ldap authentication

Tweet> In my last two posts and, I discussed ldap basics and its setup on centos server.  As we know User account verification and authentication are two different thing. I already discussed account verification using ldap in my last post User Authentication  is a independent process. There are multiple authentication method in Linux. Have a look on below image… Read More »

>ldap on linux : Part 2

Tweet> In my last post, I discussed installation and basic configuration of openldap. Here in this article, I am going to discuss user account creation and its usage in account verification and authentication.  As we know, Linux users information getting stored inside file /etc/passwd but users stored inside /etc/passwd can’t perform network logon. For network… Read More »

>ldap on linux : Part 1

Tweet> In this article, I am going to cover installation and basic configuration part of openldap. This article is covered on CentOS6.  This article is for the Linux Admins who have following question in mind  Where and how to start with LDAP? OpenLDAP in open source software to implement LDAP server in your environment. 1.… Read More »

>Recover Slave OpenLdap Server

Tweet> If slurpd based slave openldap server become inconsistent. Following steps can be followed for immediate recovery Put the master slapd server in read only mode Completely stop slapd on slave  Clear the content of data directory, (/var/lib/ldap) Copy fresh dump from master and paste it into slave server Use slapadd to rebuild the directory… Read More »

>Stale Lock in openldap

Tweet> Yesterday i got a problem in our samba+ldap setup, Client machines are unable to access samba shares. After investigation i found that samba is not running. Since my setup is RHEL 5 based so i used following command to start my samba services.root# service smb startIt didn’t give any error but using netstat command… Read More »