Hey fems and bots,
I am setting up a small file server and just for kicks I really wanted to experiment with LDAP for password security. The configuration is as follows:
1x machine running: apache http file server with ldap client
1x SEPARATE machine running: ldap server
I am following this (and other guides, slowly piecing the pieces together):
https://wiki.archlinux.org/index.php/OpenLDAP
Under the section called 'The client', it says the following:
The client
The client config file is located at /etc/openldap/ldap.conf.
It is quite simple: you will only have to alter BASE to reflect the suffix of the server, and URI to reflect the address of the server, like:
/etc/openldap/ldap.conf
BASE dc=example,dc=com
URI ldap://localhost
This is my /etc/hosts file:
#
# /etc/hosts: static lookup table for host names
#
#<ip-address> <hostname.domain.org> <hostname>
127.0.0.1 localhost.localdomain localhost
::1 localhost.localdomain localhost
#End of file
Now, this may seem fairly rudimentary (coz it is), but would I put 'localhost.localdomain' next to BASE and URI i.e.:
BASE dc=localhost,dc=localdomain
URI ldap://(actual hostname of ldap server, which is: servant)
But if I do that then won't it simply direct to itself? Wouldn't I need to set a proper fqdn for the server?
Say, something like:
# SERVER FILE
# /etc/hosts: static lookup table for host names
#
#<ip-address> <hostname.domain.org> <hostname>
127.0.0.1 localhost.localdomain localhost
::1 localhost.localdomain localhost
10.0.0.26 servant.localdomain servant
#End of file
and then on the client:
BASE dc=servant,dc=localdomain
URI ldap://servant
?? Any confirmation or redirection would be greatly appreciated.
Thanks in advance!
MedicineMan25
Last edited by medicineman25 (2016-08-26 16:14:05)
NEVERMIIIIIIIND!!!
I read this:
http://compinfopro.com/dns-suffix-what-does-it-mean/
And it all made sense. What I need to do is:
# SERVER SIDE
# /etc/hosts: static lookup table for host names
#
#<ip-address> <hostname.domain.org> <hostname>
127.0.0.1 localhost.localdomain localhost
::1 localhost.localdomain localhost
10.0.0.26 servant.localdomain servant
#End of file
and then on the client side (in ldap.conf):
BASE dc=servant,dc=localdomain
URI ldap://servant.localdomain
NOTE: this MAY or may NOT be 100% correct for the client side file, I have a feeling that the BASE definition doesn't need to be the FQDN and the URI may need to be FQDN (or not, haven't figured that bit out yet... but I know the answer is staring me right in the face). I will do some more brain things and some testing and report back. woot.
Last edited by medicineman25 (2016-08-26 16:05:20)
OK... SO!! I found this:
http://www.brennan.id.au/20-Shared_Addr … _LDAP.html
It shows a table about halfway down, explaining the different naming conventions. This is one of those entries:
DESCRIPTION    STRING VALUE
Base Domain    dc=example,dc=com
So basically, this means that I need to do THIS in the ldap.conf file:
BASE dc=localdomain
URI ldap://servant.localdomain
OR alternatively, I could do this:
BASE dc=localdomain
URI ldap://10.0.0.26
In fact I'm pretty sure I could even put completely remote machines here, i.e. NOT within the same LAN, as long as I did in fact put the appropriate DNS suffix in BASE and one of either the public IP or even a ddns url (not sure on this one, just spit-balling).
I love this forum. So many problems solved by typing into the interwebz... SOLVED!!!!
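The thread's conclusion, that BASE is the server's directory suffix (a DN built from the DNS domain, so `localdomain` becomes `dc=localdomain`) while URI is an LDAP URL naming the server (hostname, FQDN or IP), is summed up below as an added example; it is not code from the post, the Arch wiki or OpenLDAP. It converts a DNS suffix to a base DN, parses the `KEY value` lines of a client `ldap.conf`, and flags the things a security reviewer would raise on a two-machine setup like this one: a BASE that is a hostname rather than a DN, a plain `ldap://` URI to a host other than loopback (a simple bind then sends the password across the LAN in clear text unless every client forces STARTTLS), an IP literal where TLS hostname checking wants a name, and a weakened `TLS_REQCERT`. The two config texts are constructed samples; the `TLS_CACERT` path and the finding codes are this example's own assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample: the client-side ldap.conf the thread settles on.
SAMPLE_LDAP_CONF = """\
# /etc/openldap/ldap.conf on the web-server machine
BASE    dc=localdomain
URI     ldap://servant.localdomain
"""

# Constructed sample: same client, LDAP over TLS with certificate checking.
# The CA file path is an assumption for this example.
HARDENED_LDAP_CONF = """\
BASE        dc=localdomain
URI         ldaps://servant.localdomain
TLS_CACERT  /etc/openldap/certs/ca.crt
TLS_REQCERT demand
"""

LOOPBACK_NAMES = {"localhost", "localhost.localdomain"}


def domain_to_base_dn(domain):
    """'example.com' -> 'dc=example,dc=com'; 'localdomain' -> 'dc=localdomain'."""
    labels = [l for l in domain.strip().strip(".").lower().split(".") if l]
    if not labels:
        raise ValueError("empty DNS domain")
    return ",".join("dc=" + label for label in labels)


def parse_ldap_conf(text):
    """Parse 'KEY value' lines of ldap.conf; comments and blanks are skipped.
    Keys are case-insensitive in OpenLDAP, so they are upper-cased here."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s+", line, maxsplit=1)
        conf[parts[0].upper()] = parts[1].strip() if len(parts) > 1 else ""
    return conf


def _is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def _is_loopback(host):
    if host is None or host.lower() in LOOPBACK_NAMES:
        return True
    return _is_ip_literal(host) and ipaddress.ip_address(host).is_loopback


def check_ldap_conf(conf):
    """Return (code, message) findings for a parsed client ldap.conf.
    The codes are this example's own naming, not OpenLDAP output."""
    findings = []
    base = conf.get("BASE", "")
    if not base:
        findings.append(("BASE_MISSING", "BASE not set; searches have no default suffix"))
    elif "=" not in base:
        findings.append(("BASE_NOT_DN",
                         f"BASE {base!r} looks like a hostname, not a DN; use the server "
                         "suffix, e.g. " + domain_to_base_dn(base.split(".", 1)[-1])))
    uris = conf.get("URI", "").split()  # URI may list several servers
    if not uris:
        findings.append(("URI_MISSING", "URI not set"))
    for uri in uris:
        u = urlsplit(uri)
        if u.scheme not in ("ldap", "ldaps", "ldapi"):
            findings.append(("URI_BAD_SCHEME", f"{uri}: unsupported scheme"))
            continue
        if u.scheme == "ldapi":
            continue  # local Unix socket, nothing crosses the network
        if u.scheme == "ldap" and not _is_loopback(u.hostname):
            findings.append(("URI_PLAINTEXT",
                             f"{uri}: plain ldap:// to a remote host; a simple bind sends the "
                             "password in clear text unless clients force STARTTLS. Prefer ldaps://"))
        if u.hostname and _is_ip_literal(u.hostname):
            findings.append(("URI_IP_LITERAL",
                             f"{uri}: TLS hostname verification needs a name in the cert; "
                             "use the FQDN"))
    if conf.get("TLS_REQCERT", "demand").lower() in ("never", "allow"):
        findings.append(("TLS_REQCERT_WEAK",
                         "TLS_REQCERT never/allow disables server certificate checking"))
    return findings


if __name__ == "__main__":
    for name, text in (("thread config", SAMPLE_LDAP_CONF), ("hardened", HARDENED_LDAP_CONF)):
        print(name, check_ldap_conf(parse_ldap_conf(text)) or "no findings")
```

Run stand-alone it reports one finding for the thread's config (the plain `ldap://` URI across the LAN) and none for the TLS variant; the `ldap://servant.localdomain` URI itself is correct, the fix is the scheme and the CA settings, not the hostname.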