On 19 February 2014 05:11:12 CET, Pandu Poluan <pa...@poluan.info> wrote: >On Feb 18, 2014 1:13 PM, "J. Roeleveld" <jo...@antarean.org> wrote: >> >> On 18 February 2014 06:03:02 CET, Pandu Poluan <pa...@poluan.info> >wrote: >> >Hello list! >> > >> >I'm planning to replace an Active Directory server currently >> >functioning >> >*only* as an LDAP server, with a dedicated Linux-based LDAP server. >> > >> >Now, the function of the LDAP server is at the moment: >> >* Provide the settings database for Axigen email server >> >* Provide group membership for BlueCoat proxy (who allowed to access >> >what) >> >* Provide group membership for FreeRADIUS >> >* Provide group membership for Fortinet VPN >> > >> >The day-to-day management will be handled be another division, and >I'm >> >quite sure that they prefer a GUI, so the solution really should >have a >> >GUI >> >support (either Windows-based 'client' or web-based admin console). >> > >> >Apparently, there are now many implementations of LDAP in the *nix >> >world, >> >such as OpenLDAP, OpenDS, ApacheDS, and 389DS. >> > >> >Have any of you experiences with them? Which one do you think is the >> >most >> >mature and supported? And, quite importantly, which one has a GUI >> >front-end? >> > >> >Rgds, >> >-- >> >> Openldap has a webbased gui: phpldapadmin. >> >> Both are in the tree. >> >> I use this myself for all the user accounts. Allowing me to only >maintain >a single repository for all the services and desktops. >> >> Not been able to get ms windows to authenticate against it though. >But >that requires further tools to be properly configured. (Think samba as >a DC) >> > >Interesting... thanks for the heads up! > >MS Windows authentication is not necessary, since this AD server is not >used for that purpose... > >Rgds, >--
If MS Windows is not necessary, then I can help with the config. I got the following authenticating succesfully: Linux accounts (PAM) Apache Egroupware OpenKM Samba Squirrelmail and gallery authenticate against Apache For these I can help you with the necessary config. For others we'll need to see what to configure where. And backups are really easy with no downtime. (Export to LDIF) -- Joost -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
