lemonldap-ng-1.0-0.3.rc1mdv2011.0.noarch.rpm

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr">
<head>
  <meta name="generator" content=
  "HTML Tidy for Linux/x86 (vers 7 December 2008), see www.w3.org" />

  <title>Lemonldap::NG documentation:
  4.3-LDAP-configuration-backend.html</title>
  <meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
  <style type="text/css">
/*<![CDATA[*/
    body{
      background: #ddd;
      font-family: sans-serif;
      font-size: 11pt;
      padding: 0 50px;
    }
    div.main-content{
      padding: 10px;
      background: #fff;
      border: 2px #ccc solid;
    }
    a{
      text-decoration: none;
    }
    p.footer{
      text-align: center;
      margin: 5px 0 0 0;
    }
    .heading-1{
      text-align: center;
      color: orange;
      font-variant: small-caps;
      font-size: 20pt;
    }
    .heading-1-1{
      color: orange;
      font-size: 14pt;
      border-bottom: 2px #ccc solid;
    }
    pre{
      background: #eee;
      border: 2px #ccc solid;
      padding: 5px;
      border-left: 10px #ccc solid;
    }
    ul.star li{
      list-style-type: square;
    }
  /*]]>*/
  </style>
</head>

<body>
  <div class="main-content">
    <h2 class="heading-1"><span id="HLDAPconfigurationbackend">LDAP
    configuration backend</span></h2>

    <p class="paragraph"></p>

    <ul>
      <li><a href="#HPresentation">Presentation</a></li>

      <li><a href="#HLDAPconfiguration">LDAP configuration</a></li>

      <li><a href="#HLemonLDAP3A3ANGconfiguration">LemonLDAP::NG
      configuration</a></li>

      <li><a href="#HImport">Import</a></li>
    </ul><strong class="strong">Available for LemonLDAP::NG &gt;=
    0.9.4</strong>

    <h3 class="heading-1-1"><span id="HPresentation">Presentation</span></h3>

    <p class="paragraph"></p>You can choose to store LemonLDAP::NG
    configuration in an LDAP directory.

    <p class="paragraph"></p><strong class="strong">Advantages:</strong>

    <ul class="star">
      <li>Easy to share between servers with remote LDAP access</li>

      <li>Easy to duplicate with LDAP synchronization services (like SyncRepl
      in OpenLDAP)</li>

      <li>Security with SSL/TLS</li>

      <li>Access control possible by creating one user for Manager (write) and
      another for portal and handlers (read)</li>

      <li>Easy import/export through LDIF files</li>
    </ul>The configuration will be stored under a specific branch, for example
    <strong class="strong">ou=conf,ou=applications,dc=example,dc=com</strong>.

    <p class="paragraph"></p>Each configuration will be represented as an
    entry whose structural objectClass is <strong class=
    "strong">applicationProcess</strong>. This objectClass is included in
    every core schema.

    <p class="paragraph"></p>The configuration name is the same as for files:
    lmConf-1, lmConf-2, etc. This name is used in the entry DN, for example
    <strong class=
    "strong">cn=lmConf-1,ou=conf,ou=applications,dc=example,dc=com</strong>.

    <p class="paragraph"></p>Then each parameter is one value of the attribute
    <strong class="strong">description</strong>, prefixed by its key. For
    example <strong class="strong">{ldapPort}389</strong>.

    <p class="paragraph"></p>The LDIF view of such an entry can be:

    <p class="paragraph"></p>

    <div class="code">
      <pre>
dn: cn=lmConf-1,ou=conf,ou=applications,dc=example,dc=com
objectClass: top
objectClass: applicationProcess
cn: lmConf-1
description: {globalStorage}'Apache::Session::File'
description: {cookieName}'lemonldap'
description: {whatToTrace}'$uid'
description: {exportedVars}'$data1 = {'uid' =&gt; 'uid','cn' =&gt; 'cn','mail' =&gt; 'mail'};'
description: {ldapPort}389
description: {authentication}'ldap'
description: {locationRules}'$data1 = {'test2.example.com' =&gt; {'default' =&gt; 'accept','^/logout' =&gt; 'logout_sso http://auth.example.com'},'test1.example.com' =&gt; {'default' =&gt; 'accept','^/logout' =&gt; 'logout_sso http://auth.example.com'}};'
description: {domain}'example.com'
description: {timeout}7200
description: {groups}'$data1 = {};'
description: {portal}'http://auth.example.com/'
description: {ldapServer}'localhost'
description: {exportedHeaders}'$data1 = {'test2.example.com' =&gt; {'Auth-User' =&gt; '$uid'},'test1.example.com' =&gt; {'Auth-User' =&gt; '$uid'}};'
description: {ldapBase}'dc=example,dc=net'
description: {macros}'$data1 = {};'
description: {globalStorageOptions}'$data1 = {'Directory' =&gt; '/usr/local/lemonldap-ng/data/sessions','LockDirectory' =&gt; '/usr/local/lemonldap-ng/data/sessions/lock'};'
description: {managerPassword}''
description: {cfgNum}1
description: {securedCookie}0
description: {managerDn}''
</pre>
    </div>
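
    <p class="paragraph"></p>Added example (not part of the LemonLDAP::NG
    documentation or code base): a Python reader for the entry format described
    above, which handles LDIF folded lines and base64 values and compares two
    configuration versions for review. The function names and the sample entry
    are constructed for illustration.

```python
import base64
import re

# Constructed sample: adds a folded line and a base64 ("::") value.
SAMPLE_LDIF = """\
dn: cn=lmConf-1,ou=conf,ou=applications,dc=example,dc=com
cn: lmConf-1
description: {ldapPort}389
description: {exportedVars}'$data1 = {'uid' => 'uid',
 'cn' => 'cn'};'
description:: e2RvbWFpbn0nZXhhbXBsZS5jb20n
description: {securedCookie}0
"""

PAIR = re.compile(r"\{([^{}]+)\}(.*)", re.S)

def unfold(ldif_text):
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:  # folded continuation line
            lines[-1] += raw[1:]
        elif raw:
            lines.append(raw)
    return lines

def parse_conf_entry(ldif_text):
    """Return {key: value} built from the description values of one entry."""
    conf = {}
    for line in unfold(ldif_text):
        attr, _, rest = line.partition(":")
        if attr.lower() != "description":
            continue
        if rest.startswith(":"):  # "description::" carries base64
            value = base64.b64decode(rest[1:].strip()).decode("utf-8")
        else:
            value = rest.strip()
        m = PAIR.fullmatch(value)
        if m is None or m.group(1) in conf:
            raise ValueError("malformed or duplicate parameter: %r" % value)
        key, val = m.groups()
        # Perl dumps ('$data1 = ...;') stay plain text; nothing is evaluated.
        if len(val) >= 2 and val[0] == val[-1] == "'":
            val = val[1:-1]
        conf[key] = val
    return conf

def changed_keys(old, new):
    """Keys added, removed or modified between two configuration versions."""
    return sorted(k for k in old.keys() | new.keys() if old.get(k) != new.get(k))
```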

    <h3 class="heading-1-1"><span id="HLDAPconfiguration">LDAP
    configuration</span></h3>

    <p class="paragraph"></p>We advise creating a specific LDAP account with
    write access on the configuration branch. Next, create the configuration
    branch where you want. Just remember its DN for the LemonLDAP::NG
    configuration.

    <h3 class="heading-1-1"><span id=
    "HLemonLDAP3A3ANGconfiguration">LemonLDAP::NG configuration</span></h3>

    <p class="paragraph"></p>You can set this directly in <strong class=
    "strong">storage.conf</strong>:

    <p class="paragraph"></p>

    <div class="code">
      <pre>
type             = LDAP
ldapServer       = ldap://localhost
ldapConfBase     = ou=conf,ou=applications,dc=example,dc=com
ldapBindDN       = cn=manager,dc=example,dc=com
ldapBindPassword = secret
</pre>
    </div>

    <h3 class="heading-1-1"><span id="HImport">Import</span></h3><br />
    <br />
    Use the script named <strong class="strong">lmConfig_File2LDIF</strong>
    shipped with LemonLDAP::NG:<br />
    <br />

    <div class="code">
      <pre>
$ lmConfig_File2LDIF -b <span class=
"java-quote">"ou=conf,ou=applications,dc=example,dc=com"</span> /usr/local/lemonldap-ng/data/conf/lmConf-1
</pre>
    </div><br />
    <br />
    You can use <strong class="strong">-c</strong> to also print the branch
    above the configuration entry in the LDIF file. In this case, the branch
    <strong class="strong">must</strong> use <strong class="strong">ou</strong>
    as RDN attribute.<br />
    <br />
    You can import the LDIF directly into your directory:<br />
    <br />

    <div class="code">
      <pre>
$ lmConfig_File2LDIF -c -b <span class=
"java-quote">"ou=conf,ou=applications,dc=example,dc=com"</span> /usr/local/lemonldap-ng/data/conf/lmConf-1 | ldapadd -x -D "cn=manager,dc=example,dc=com" -w secret
</pre>
    </div>
  </div>

  <p class="footer"><a href="index.html">Index</a></p>
</body>
</html>