[K12OSN] Question regarding LDAP
brian at portsmouth-college.ac.uk
Thu Jun 9 09:47:47 UTC 2005
Shawn Powers wrote:
> On Jun 8, 2005, at 11:44 PM, cliebow at downeast.net wrote:
>> Shawn: let me just ask if you need to chop up your sers by school and by
>> class of graduation..
> It would be a really nice thing -- but I hadn't thought about it
> really. I currently have /home split up into graduating years like /
> home/2010/student_name -- and it sounded a lot more useful than it has
> proven to be. I wish I'd have just left them all in /home, it would
> have kept things simpler.
>> This is what i been working on eith my scripts..got a
>> minmal machine to experiment with??chuck
> Heck, it's summer (starting Friday) -- I have a mondo machine to
> experiment with. :)
> K12OSN mailing list
> K12OSN at redhat.com
> For more info see <http://www.k12os.org>
I'm in the same boat. We currently have a mixture of NIS & Samba 2.2x but I'm moving the main server
to Samba3 / OpenLDAP. I was worried about getting the other servers to talk to LDAP for there
login info etc but after setting up a test network I found it was really easy.
The other servers are a mixture of RH9 & Suse 9.x. For the Suse 9.x boxes it was just a matter of
going into YAST and going to the relevent section and turn it on. The RH9 box's took a little bit
nore as I had to install a couple of RPM's off the install CD but once that was done went into
authconfig and setup the LDAP stuff and it just worked.
I'm in the process of moving all the users over to the new server but there are even scripts to do
this automagically for you. I'm not using these as I'm taking the opportunity to weed out some old
accounts and groups and having a fresh start.
The `smbldap-bulkadd` script makes it really easy to add student's and with the changes Matt has
made you can use seperate home directories per user. We've got ours setup per tutor group so like this
Makes it so much quicker to move around, waiting for 4500 account to scroll past is a real pain *grin*
We haven't tried the Global Addressbook yet but doesn't look too hard to setup.
The key thing I've found is finding a GUI that you feel comfortable using. I use a mixture as of
Windows (yes my desktop in a doze machine) and web based stuff. On the web based stuff it's worth
looking at LAM and the Idealx Samba Console on the Doze side I use Jxplorer or Softerra LDAP Browser
2.6. Both of these are free.
The web based stuff LAM is really easy to use, setup can be a bit fiddly but once it's running is
really nice. I also have helped the creator of the Idealx Samba Console testing a few things on FC3
and it's really good again setup offers a few `Gotcha's` but I've got it working one both my test
system and the main production system (I actually built the rpm's that you can download for FC3 from
If you want a really amazing web based tool for LDAP with loads of bells & whistles look at GOSA, I
didn't use it in the end as you have to do a bit a alterations to get it working such as adding
schema's to all the users to get it working but once it's working it's really polished & flashy
Overall I think it's a good move.
If you'd like more info feel free to contact me.
The views expressed here are my own and not necessarily
the views of Portsmouth College
More information about the K12OSN