OpenLDAP

from Wikipedia, the free encyclopedia
Basic data

Developer: OpenLDAP Foundation
Current version: 2.4.49 (January 30, 2020)
Operating system: Unix, Linux, BSD derivatives, Windows, macOS, Solaris
Programming language: C
Category: User administration
License: OpenLDAP Public License
Available in German: No
Website: www.openldap.org

OpenLDAP is an implementation of LDAP that is released as free software under the OpenLDAP Public License, which is similar to the BSD license. OpenLDAP is part of most current Linux distributions and also runs under various Unix variants, macOS and various Windows versions.

Because OpenLDAP follows the LDAP standard, it can be used to set up a central user data store and to administer that data from one place.

Compared to other solutions

Since OpenLDAP is the reference implementation of the protocol, schema files are carefully checked for protocol conformity. This occasionally leads to error messages when faulty schema files, which are accepted by Directory Server Agents (DSA) from other manufacturers, are loaded into an OpenLDAP system.

Because different backends and overlays are provided, protocol extensions and extended operations can be implemented very easily. The SQL backend forwards the results of an RDBMS query to the DSA, so that the requesting LDAP client receives a protocol-compliant data packet.

Items included

In addition to the server, the software package also includes other tools for configuration and required libraries. It mainly consists of the following components:

  • slapd - stand-alone LDAP daemon
  • backends - these perform the actual access to the data
  • overlays - allow the behavior of the backends, and thus of slapd, to be modified without changing the backends themselves
  • syncrepl - synchronization and replication according to RFC 4533
  • Libraries that provide the LDAP protocol
  • Tools, resources and examples

The following service is no longer supplied because replication is now carried out via syncrepl.

  • slurpd - stand-alone LDAP update replication daemon

Configuration

Under Linux, the configuration files for the OpenLDAP clients are (see also the manual page ldap.conf(5)):

  • ldap.conf - Basic settings for clients
    On many Unix / Linux systems there are two files named ldap.conf, usually in /etc/ldap.conf and /etc/openldap/ldap.conf. The file /etc/ldap.conf is only used to configure pam_ldap. The system-wide client configuration is /etc/openldap/ldap.conf.
  • ~/.ldaprc - user-specific configuration file for clients

The OpenLDAP server configuration files are:

  • slapd.conf - configuration of the slapd daemon. This is an outdated method and is only used if configuration parameters are required that are not recognized by the cn=config configuration backend, e.g. in version OpenLDAP-2.3.34 all SQL backends and some overlays.
  • The directory slapd.d/ is used for the online configuration. slapd can store the entire configuration there as LDIF files, so that slapd.conf is no longer required. These files should not be edited! OpenLDAP is then configured using the LDAP protocol.
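
The rule that the files under slapd.d/ must not be edited by hand can be checked mechanically. The following is an added example, not code from the OpenLDAP project: it assumes that each file starts with the two-line header slapd writes (an "AUTO-GENERATED FILE" comment followed by a "# CRC32" line) and that the checksum is a standard CRC-32 over everything after those two lines. The function names and the sample entry are constructed for illustration.

```python
import re
import sys
import zlib
from pathlib import Path

MARKER = b"# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.\n"
CRC_LINE = re.compile(rb"# CRC32 ([0-9a-fA-F]{8})\r?$")

def check_ldif(data: bytes) -> str:
    """Classify one slapd.d file as 'ok', 'modified' or 'no-checksum'."""
    parts = data.split(b"\n", 2)          # header line 1, header line 2, body
    if len(parts) < 3 or not parts[0].startswith(b"# AUTO-GENERATED FILE"):
        return "no-checksum"
    match = CRC_LINE.match(parts[1])
    if match is None:
        return "no-checksum"
    stored = int(match.group(1), 16)
    actual = zlib.crc32(parts[2]) & 0xFFFFFFFF   # CRC-32 over the body only
    return "ok" if stored == actual else "modified"

def audit(config_dir) -> dict:
    """Check every *.ldif file below config_dir (e.g. a copy of slapd.d/)."""
    return {str(path): check_ldif(path.read_bytes())
            for path in sorted(Path(config_dir).rglob("*.ldif"))}

def make_ldif(body: bytes) -> bytes:
    """Build a constructed sample file in the assumed on-disk layout."""
    return MARKER + b"# CRC32 %08x\n" % (zlib.crc32(body) & 0xFFFFFFFF) + body

if __name__ == "__main__":
    if len(sys.argv) > 1:                 # audit a real directory
        for name, status in audit(sys.argv[1]).items():
            print(f"{status:12} {name}")
    else:                                 # constructed sample, not real config
        sample = make_ldif(b"dn: cn=config\nobjectClass: olcGlobal\n"
                           b"cn: config\nolcLogLevel: none\n")
        print(check_ldif(sample))
        print(check_ldif(sample.replace(b"olcLogLevel: none",
                                        b"olcLogLevel: stats")))
```

The checksum only reveals accidental or careless manual edits; anyone with write access to the directory can recompute it, so file permissions and change monitoring on slapd.d/ are still needed.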
