Secure LDAP Configuration
sajuptpm
sajuptpm at gmail.com
Thu Aug 12 08:26:57 EDT 2010
I want to create an LDAP database for my company with following
settings.
Only the ldap user belongs to my company can search and view ldap
entries
I want to protect ldap user belongs to my company
One ldap user can't search and view others details
Only allow ldap users to authenticate with there username and
password
I need an LDAP administrator for my company.Only he can add and
delete users from LDAP.
For these how configure /etc/openldap/slapd.conf
I need to add group and role infornations to ldap directory.Can i use
existing attributes like 'ou' for these or need to add new attribute.
Here is the LDAP entry i configured.
dn: uid=user6,dc=localhost,dc=localdomain
objectclass: top
objectclass: person
objectclass: inetorgperson
ou: [('userGroup111','userr'),('adminGroup','admin'),
('Server111','operator')]
cn: user6
sn: My company
uid: user6
userPassword: 123456
ou: [('userGroup111','userr'),('adminGroup','admin'),
('Server111','operator')] <-----newly added group and role pair.Is it
correct way????
Have any other way to do it.
More information about the Python-list
mailing list