How to authenticate a Windows client with an LDAP server on Linux with a shared home directory - ldap

I want to configure an LDAP server on Linux (CentOS is most preferable), and I want to authenticate from my Windows client to that LDAP server (on Linux). I also want the home folder of the Windows user to be stored on the LDAP server (on Linux).
So how can I achieve this setup? Is it possible?

You will need more than an LDAP server, as Windows clients rely on more services than just LDAP.
Look at Samba Servers on Linux.

Related

Registration with LDAP authentication on Rocketchat

I have a Rocketchat server on Docker and an OpenLDAP server on Ubuntu 16.04. I want any user who registers on my Rocketchat server to be added to the LDAP server automatically by default.
Is this possible?
You would probably find it easier the other way: register the user in LDAP and then sync LDAP with RocketChat.
This way you can use LDAP Sync to get your RocketChat users synced.

Unable to establish SSL connection to LDAP from a Windows Server 2008 VM

I'm using LDAP Admin to connect to an LDAP server protected using SSL from a Windows Server 2008 VM, but it keeps saying the server is down. Pinging from the VM to the machine shows that it is up, and when I run LDAP Admin on my host machine with a Windows 7 OS it works fine. Any ideas what settings I should change on the Server 2008 VM?
I had a similar issue and was able to get through to our LDAP by changing my VM's network setting. I was running bridged; when I switched to NAT (effectively sharing my host computer's IP) I was then able to connect.
http://www.vmware.com/support/ws4/doc/network_configure_ws.html
Make sure that your LDAP is not protected by a firewall or configured to disallow your VM's IP or domain for connections. If you are authorizing to the LDAP server, recheck your credentials.

LDAP Authentication for Windows Standalone Servers Using Novell eDirectory

I have an LDAP server, Novell eDirectory, in my environment, which has the user data. In my environment I have a set of Windows and Linux servers. I need to use this LDAP as the authentication source for both kinds of servers.
For Linux I need to achieve this by setting Linux up as an LDAP client & extended eDirectory schema for Linux users, and users are able to log in to the machine and even able to create the home directories for the user. But the problem comes with the Windows machines.
For Windows machines I have used Novell GINA, which authenticates the user using LDAP, but it also requires local or domain user credentials to log in to the local system. Then for every user I have to create a local user on every system, which is off target of the purpose.
Then I used pGina (another open source GINA), through which I can authenticate the user using LDAP, and it creates a profile for the user. Fine, but it is also creating a local user with the LDAP username. If any admin changes the password on the local machine for this user, then the passwords of the LDAP and local user will not be in sync.
How can I get the login behaviour of Active Directory, where it will authenticate against Active Directory (think of AD as LDAP) and create a profile for you on the local system but never create a local user? Can anybody throw some light on this to solve the issue?
Thanks and Regards,
Sunny.
I guess you are using Open Enterprise Server. If you are on OES Linux, you can probably use Domain Services for Windows. This can help achieve what you want. You will not even need a GINA login. It's a domain emulator, so there won't be any LDAP login; it would be a Kerberos login. Your eDirectory (and other related services) work exactly like an AD domain. But nothing stops you from using the plain LDAP login against eDirectory. You can continue to use the Linux login as it is now. If you are using gdm (GNOME Display Manager) on Linux, it can do a domain login like Windows.

LDAP test environment

What's the best way to develop with LDAP without having a connection to the production LDAP server? Can you recommend some software?
Thanks
I'd say a test instance of OpenLDAP :)
If you're more into the Microsoft space, you could also check out:
Active Directory Lightweight Directory Services (AD LDS)
which is a Windows service based subset of the full AD. You can spin up multiple instances of AD LDS and since it's a Windows service, you can also turn it off when no longer needed.
It depends on what kind of LDAP server you have in production. Usually it's a question "AD or not AD?"
If your production server is AD then it would be either a virtual machine with a domain controller or a local instance of AD LDS (formerly ADAM).
If your production server is a generic LDAP server then there is a wide set of options. These days I would use a virtual machine with any Linux and OpenLDAP or/and Fedora Directory Server, or a local instance(s) of ApacheDS or OpenDS.
If you do not want to install/host/configure a Microsoft Server with Active Directory, you can use the following for LDAP testing purposes:
https://documize.github.io/ad-ldap-test-server/
Try
https://github.com/Upekshe/simple-ldap-server
It's running a Node.js server, highly configurable, and supports both LDAP and LDAPS.
Dockerized version:
https://hub.docker.com/r/upekshejay/simple-ldap-test-server

How to single sign on to a Red Hat Linux server from a Windows desktop

We are hosting our portal pages on a Linux box. I am supposed to implement a single sign-on where the user logs into his/her Windows XP desktop and that login is consumed by the portal and used to set the user role appropriately. I really would like some answers on how this can work best.
Environment:
JBoss 4.2.2GA
JBoss Portal 2.6.5
Red Hat Enterprise Linux 5
There is absolutely no way of doing this right.