LDAP System Administration |  | Author: Gerald Carter
Publisher: O'Reilly Media
Category: Book
List Price: $39.95
Buy Used: $5.18
as of 7/30/2010 18:11 CDT details
You Save: $34.77 (87%)
New (25) Used (29) from $5.18
Seller: Pondview Books
Rating:  21 reviews
Sales Rank: 127475
Media: Paperback
Edition: 1
Pages: 312
Number Of Items: 1
Shipping Weight (lbs): 1.2
Dimensions (in): 9.2 x 7 x 0.8
ISBN: 1565924916
Dewey Decimal Number: 004.62
EAN: 9781565924918
ASIN: 1565924916
Publication Date: March 20, 2003
Availability: Usually ships in 1-2 business days
| |
| Similar Items:
| |
| Editorial Reviews:
Product Description
Be more productive and make your life easier. That's what LDAP System Administration is all about. System administrators often spend a great deal of time managing configuration information located on many different machines: usernames, passwords, printer configurations, email client configurations, and network filesystem configurations, to name a few. LDAPv3 provides tools for centralizing all of the configuration information and placing it under your control. Rather than maintaining several administrative databases (NIS, Active Directory, Samba, and NFS configuration files), you can make changes in only one place and have all your systems immediately "see" the updated information. If you want to be a master of your domain, LDAP System Administration will help you get up and running quickly regardless of which LDAP version you use. After reading this book, even with no previous LDAP experience, you'll be able to integrate a directory server into essential network services such as mail, DNS, HTTP, and SMB/CIFS.
|
| Customer Reviews:
Showing reviews 1-5 of 21
 Best LDAP admin book I have seen November 7, 2006
James May (Lometa, TX United States)
13 out of 13 found this review helpful
This excellent book covers implementing and administering LDAP better than any I have seen. It's apparent to me that a great deal of thought has gone into key paragraphs. Despite some comments to the contrary, the organization is methodical and logical. Throughout the book there are references to other sources to further research related topics.
Chapter 1 LDAP is defined and you are pointed to the appropriate RFC's.
Chapter 2 is an overview of the LDAPv3 and explains very well the format of the LDIF directory data/structure files. Incidentally, I found that this book enhanced my understanding of Microsofts Active Directory which encompasses among other things LDAPv3.
Chapter 3 familiarizes you with the slapd.conf file and the example uses an SSHA hashed rootpw (an OpenSSL algorithm) and introduces you to the use of ACL's in this server config file.
Chapter 4 leads you through building a company white pages using the command line (which you certainly should know how to do even if you are a GUI fan); the chapter concludes with a brief list of GUI editors for the faint of heart.
Chapter 5 explains replicating to a backup LDAP server with slurpd, enhanced backups using generated LDIF files and distributing the directory to maximize network traffic efficiency. Additions, deletions and modifications to the database are illustrated. Searching is briefly, but concisely explained.
Chapter 6 begins Part II, application integration. The Pluggable Authentication module pam_ldap and it's configuration file, ldap.conf are discussed and there is a list of ldap.conf parameters with explanations. Replacing NIS with LDAP is covered in this chapter. Chapter 6 ends with a brief overview of security mechanisms in LDAPv3.
Chapter 7 presents LDAP as a directory storing email addresses and other contact information. Configuration examples for connection 4 popular email clients are included. Integration with 3 popular MTA's (postfix, sendmail and Exim) round out the chapter.
Chapter 8 introduces integration of network services other than authentication and email with LDAP. Among other things, DNS, printing and Samba LDAP integration are discussed.
Chapter 9 has a few valuable pointers in interoperability with other platforms, specifically Windows 2000 Active Directory. Digital certificates and Kerberos authentication on the Windows platform as relating to *nix are very briefly discussed.
Chapter 10, Net::LDAP and Perl gives a mainly informational overview of connecting, binding and searching and contains sample scripts using the Net::LDAP module. It also demonstrates adding, updating and deleting entries using Perl scripts instead of the LDIF methods earlier in the book. Note, however that this is not a book about programming; it is a book about LDAP Administration.
Lastly, this book does need an update. Some modules which were separate entities not so long ago are now symbolic links; for example:
/usr/local/sbin/slapacl -> slapd
/usr/local/sbin/slapadd -> slapd
/usr/local/sbin/slapauth -> slapd
/usr/local/sbin/slapcat -> slapd
/usr/local/sbin/slapd
/usr/local/sbin/slapdn -> slapd
/usr/local/sbin/slapindex -> slapd
/usr/local/sbin/slappasswd -> slapd
/usr/local/sbin/slaptest -> slapd
Even the best needs to be updated; and when it is I will be one of the first to purchase it.
LDAP protocol will very likely solve the complex problem of redundant authentication/authorization data spread across heterogenous networks. However, whether your users access resources through passwords or some other mechanism one thing stands out.
If your security database resides in one place, it must be secured and precautions taken that authentication data traversing the network cannot be sniffed or otherwise compromised. In general, most admins accomplish this by encryption using SSH/SSH2 or OpenSSH.
OpenSSH, in turn uses the encryption libraries of OpenSSL so it's a required dependency.
To summarize, IMHO: LDAP is only 1 part of the solution and this book covers it better than any other I have seen. No single reference will cover all the bases and like any well written book this one keeps the focus on the major subject of LDAP, but offers references to other related topics.
Above my workstation is a wooden shelf containing my most important references; this is one of them. I have found the following volumes very helpful and LDAP plays well with these technologies.
"LDAP System Administration" by Gerald Carter.
"SSH The Secure Shell, The Definitive Guide" by Daniel J. Barrett, Richard E. Silverman & Robert G. Byrnes.
"Network Security with OpenSSL" by John Viega, Matt Messier & Pravir Chandra.
"Kerberos: The Definitive Guide" by Jason Garman
These 4 volumes will help you both in securing your network and making it more productive and accessable to authorized users. These volumes complement each other.
If you need guidance for software development, you might try "Secure Programming Cookbook for C and C++" by John Viega and Matt Messier
Definitely Five stars - even though it does need updating.
This book fills a knowledge void and can make your life a lot easier. It can save you hours of Google searches, searching forums, pumping your friends for tips, trial and error, and grep'ing log files; this one deserves a slot in your special library.
Excellent book on OpenLDAP April 14, 2004
Melissa Evans (Pataskala, OH United States)
13 out of 15 found this review helpful
This book is probably the best book I have ever read on OpenLDAP implimentation. The title is somewhat misleading in that it does not go into LDAP in general, including deep history, heavy schema development, etc. However, it covers the down and dirty of implimenting OpenLDAP in detail. It covers: -detailed slapd.conf configuration
-pam_ldap
-nss specific and pam specific configuration parameters in ldap.conf
-DNS implimentation with LDAP
-conversion tools This book is an excellent guide on actually putting LDAP to work, including design, configuration and implimentation. This book is NOT designed for people looking to impliment other LDAP software (iPlanet, etc). This book does not cover in depth enterprise level roll-out, research, and user feedback. But if you want a great book that covers configuration and usage of OpenLDAP and Linux..this IS the book for you.
Awesome LDAP System Administrators Guide June 17, 2004
10 out of 12 found this review helpful
This book is an awesome reference for someone interested in SYSTEM ADMINISTRATION (hence the title.) If you are a newbie looking for broader, philosophical reasoning or basic directory theory, this is NOT the book for you. If you know why you want a directory and understand the basics, then this book will definitely meet your needs. I was especially pleased with the no-nonsense approach, that got me up and running with a replicated directory, including referrals and references, by page 90. Excellent recommendations with enough detail to get the job done, along with great references to other resources and tools. The only thing that was lacking was the Samba integration chapter, which is 2.2 based, probably due to the book's age. While there are other resources out there, a second edition would still be nice.
LDAP Without Hype: Get Started Today! May 13, 2003
6 out of 7 found this review helpful
This book is great! It covers using LDAP for user authentication and other configuration information as well as for data like phone directories. If you've not tried LDAP before, the book includes detailed information on installing OpenLDAP and configuring it. I'm already using LDAP, and I was happy to find some of the more obscure topics demystified by the author (for example, replication and SASL interaction). This book is for system administrators, not for programmers, and will turn you into the local LDAP guru in no time.
A great guide for implementing and integrating LDAP June 1, 2003
Robbie Allen (Raleigh, NC United States)
4 out of 5 found this review helpful
Anyone that has attempted to integrate LDAP with services such as Email, NIS, Samba, Printing, etc. knows how sparce the documentation on the Internet is, if you are lucky enough to find it. This book does a great job of describing how to implement LDAP and make the most of it! The author has a concise and easy to read style that makes for a quick read. If you are using or plan to use OpenLDAP, this book is a must. If you want to integrate the previously mentioned services with LDAP, even if not with OpenLDAP, this book is still very valuable.
Showing reviews 1-5 of 21
|
|
|
