[K12OSN] Question regarding LDAP

Brian Chivers brian at portsmouth-college.ac.uk
Thu Jun 9 09:47:47 UTC 2005 

Shawn Powers wrote:
> On Jun 8, 2005, at 11:44 PM, cliebow at downeast.net wrote:
> 
>> Shawn: let me just ask if you need to chop up your sers by school  and by
>> class of graduation..
> 
> 
> It would be a really nice thing -- but I hadn't thought about it  
> really.  I currently have /home split up into graduating years like / 
> home/2010/student_name -- and it sounded a lot more useful than it  has 
> proven to be.  I wish I'd have just left them all in /home, it  would 
> have kept things simpler.
> 
>> This is what i been working on eith my scripts..got a
>> minmal machine to experiment with??chuck
> 
> 
> Heck, it's summer (starting Friday) -- I have a mondo machine to  
> experiment with. :)
> 
> -Shawn
> 
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
> 
I'm in the same boat. We currently have a mixture of NIS & Samba 2.2x but I'm moving the main server 
  to Samba3 / OpenLDAP. I was worried about getting the other servers to talk to LDAP for there 
login info etc but after setting up a test network I found it was really easy.

The other servers are a mixture of RH9 & Suse 9.x. For the Suse 9.x boxes it was just a matter of 
going into YAST and going to the relevent section and turn it on. The RH9 box's took a little bit 
nore as I had to install a couple of RPM's off the install CD but once that was done went into 
authconfig and setup the LDAP stuff and it just worked.

I'm in the process of moving all the users over to the new server but there are even scripts to do 
this automagically for you. I'm not using these as I'm taking the opportunity to weed out some old 
accounts and groups and having a fresh start.

The `smbldap-bulkadd` script makes it really easy to add student's and with the changes Matt has 
made you can use seperate home directories per user. We've got ours setup per tutor group so like this

\home_student\tutorgroup\username

Makes it so much quicker to move around, waiting for 4500 account to scroll past is a real pain *grin*

We haven't tried the Global Addressbook yet but doesn't look too hard to setup.

The key thing I've found is finding a GUI that you feel comfortable using. I use a mixture as of 
Windows (yes my desktop in a doze machine) and web based stuff. On the web based stuff it's worth 
looking at LAM and the Idealx Samba Console on the Doze side I use Jxplorer or Softerra LDAP Browser 
2.6. Both of these are free.

The web based stuff LAM is really easy to use, setup can be a bit fiddly but once it's running is 
really nice. I also have helped the creator of the Idealx Samba Console testing a few things on FC3 
and it's really good again setup offers a few `Gotcha's` but I've got it working one both my test 
system and the main production system (I actually built the rpm's that you can download for FC3 from 
sourceforge).

If you want a really amazing web based tool for LDAP with loads of bells & whistles look at GOSA, I 
didn't use it in the end as you have to do a bit a alterations to get it working such as adding 
schema's to all the users to get it working but once it's working it's really polished & flashy

Overall I think it's a good move.

If you'd like more info feel free to contact me.

Brian Chivers
Portsmouth College

---------------------------------------------------------------
    The views expressed here are my own and not necessarily 
                the views of Portsmouth College

More information about the K12OSN mailing list