FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 03-20-2008, 04:57 PM
"Thom Paine"
 
Default Ldap, Pam, Nss, Samba

I have a server that I use as a domain controller with samba. It's
fairly simple, I don't have ldap or pam or nss.

I need to add ldap functionality to it, and I also need to make global
address books available to the Outlook users for a new email gateway
we will be using.

Is open ldap all I need? I've been reading samba 3 by example and am
unsure what all I need to get going.

Anyone have some time to communicate with me off list about this? On
list is fine too, I jsut didn't want to add too much noise.

Thanks.

--
-=/>Thom

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-20-2008, 05:58 PM
"Thom Paine"
 
Default Ldap, Pam, Nss, Samba

All I need for now is an address book for the facility here, then
another one that the users can search through that is integrated with
an outside directory for users to pick mail to send to.

--
-=/>Thom

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-21-2008, 03:28 AM
Ric Moore
 
Default Ldap, Pam, Nss, Samba

On Thu, 2008-03-20 at 14:58 -0400, Thom Paine wrote:
> All I need for now is an address book for the facility here, then
> another one that the users can search through that is integrated with
> an outside directory for users to pick mail to send to.

Good luck! There are several step-by-steps available that disagree with
each other on one point or another. It's easy has heck to stay confused.
I'm waiting for someone to come up with a nice and easy gui that will
design the proper connections for me, after I fill in some blanks and
check off some tick boxes! Someone will do it, and earn my everlasting
praise and thanks. I have prayed over the matter. <grins> Ric

--
================================================
My father, Victor Moore (Vic) used to say:
"There are two Great Sins in the world...
..the Sin of Ignorance, and the Sin of Stupidity.
Only the former may be overcome." R.I.P. Dad.
Linux user# 44256 Sign up at: http://counter.li.org/
http://www.sourceforge.net/projects/oar
http://www.wayward4now.net <---down4now too
================================================

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-21-2008, 03:28 AM
Ric Moore
 
Default Ldap, Pam, Nss, Samba

On Thu, 2008-03-20 at 14:58 -0400, Thom Paine wrote:
> All I need for now is an address book for the facility here, then
> another one that the users can search through that is integrated with
> an outside directory for users to pick mail to send to.

Good luck! There are several step-by-steps available that disagree with
each other on one point or another. It's easy has heck to stay confused.
I'm waiting for someone to come up with a nice and easy gui that will
design the proper connections for me, after I fill in some blanks and
check off some tick boxes! Someone will do it, and earn my everlasting
praise and thanks. I have prayed over the matter. <grins> Ric

--
================================================
My father, Victor Moore (Vic) used to say:
"There are two Great Sins in the world...
..the Sin of Ignorance, and the Sin of Stupidity.
Only the former may be overcome." R.I.P. Dad.
Linux user# 44256 Sign up at: http://counter.li.org/
http://www.sourceforge.net/projects/oar
http://www.wayward4now.net <---down4now too
================================================

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-21-2008, 03:28 AM
Ric Moore
 
Default Ldap, Pam, Nss, Samba

On Thu, 2008-03-20 at 14:58 -0400, Thom Paine wrote:
> All I need for now is an address book for the facility here, then
> another one that the users can search through that is integrated with
> an outside directory for users to pick mail to send to.

Good luck! There are several step-by-steps available that disagree with
each other on one point or another. It's easy has heck to stay confused.
I'm waiting for someone to come up with a nice and easy gui that will
design the proper connections for me, after I fill in some blanks and
check off some tick boxes! Someone will do it, and earn my everlasting
praise and thanks. I have prayed over the matter. <grins> Ric

--
================================================
My father, Victor Moore (Vic) used to say:
"There are two Great Sins in the world...
..the Sin of Ignorance, and the Sin of Stupidity.
Only the former may be overcome." R.I.P. Dad.
Linux user# 44256 Sign up at: http://counter.li.org/
http://www.sourceforge.net/projects/oar
http://www.wayward4now.net <---down4now too
================================================

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-21-2008, 03:45 AM
Craig White
 
Default Ldap, Pam, Nss, Samba

On Fri, 2008-03-21 at 00:28 -0400, Ric Moore wrote:
> On Thu, 2008-03-20 at 14:58 -0400, Thom Paine wrote:
> > All I need for now is an address book for the facility here, then
> > another one that the users can search through that is integrated with
> > an outside directory for users to pick mail to send to.
>
> Good luck! There are several step-by-steps available that disagree with
> each other on one point or another. It's easy has heck to stay confused.
> I'm waiting for someone to come up with a nice and easy gui that will
> design the proper connections for me, after I fill in some blanks and
> check off some tick boxes! Someone will do it, and earn my everlasting
> praise and thanks. I have prayed over the matter. <grins> Ric
----
GUI based console...however I wouldn't necessarily suggest that this is
going to make things any easier for you.
http://directory.fedoraproject.org/

The reason that 'step-by-steps' disagree with each other is because
there is no one correct way to do things but whatever works is likely
correct.

The fact is that the original concept of LDAP bears little resemblance
to the uses that it has today.

If you want the one-vision, GUI based, rigidly designed, fill in some
blanks, check off some boxes LDAP, Microsoft Active Directory is the
ticket. But you will bang your head against the wall once you try to
customize it.

The really simple answer...learn LDAP. The simple book and method to
learn LDAP...
LDAP System Administration by Gerald Carter. Book is now getting old,
long in the tooth, uses ldbm instead of bdb but the book makes it really
obvious how to use LDAP and once you learn that, customizing it for what
you want to accomplish is simple.

Craig

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-21-2008, 06:09 AM
Ric Moore
 
Default Ldap, Pam, Nss, Samba

On Thu, 2008-03-20 at 21:45 -0700, Craig White wrote:
> On Fri, 2008-03-21 at 00:28 -0400, Ric Moore wrote:
> > On Thu, 2008-03-20 at 14:58 -0400, Thom Paine wrote:
> > > All I need for now is an address book for the facility here, then
> > > another one that the users can search through that is integrated with
> > > an outside directory for users to pick mail to send to.
> >
> > Good luck! There are several step-by-steps available that disagree with
> > each other on one point or another. It's easy has heck to stay confused.
> > I'm waiting for someone to come up with a nice and easy gui that will
> > design the proper connections for me, after I fill in some blanks and
> > check off some tick boxes! Someone will do it, and earn my everlasting
> > praise and thanks. I have prayed over the matter. <grins> Ric
> ----
> GUI based console...however I wouldn't necessarily suggest that this is
> going to make things any easier for you.
> http://directory.fedoraproject.org/
>
> The reason that 'step-by-steps' disagree with each other is because
> there is no one correct way to do things but whatever works is likely
> correct.

So, if you follow one and it doesn't cut it, then try to follow that
with another that might not like the first attempt text edits, then the
pooch is screwed. At least that seems to be my experience.

> The fact is that the original concept of LDAP bears little resemblance
> to the uses that it has today.
>
> If you want the one-vision, GUI based, rigidly designed, fill in some
> blanks, check off some boxes LDAP, Microsoft Active Directory is the
> ticket. But you will bang your head against the wall once you try to
> customize it.

I would prefer that one-vision GUI based, rigidly designed, fill in some
blanks, check off some boxes LDAP, to just get it to work, with room to
try hand editing a *working* system later, all in Open Source. How 'bout
those apples?? <cackles> If the M$ idiots can do it, are you saying that
our propeller heads can't?? Say it ain't so!

>
> The really simple answer...learn LDAP. The simple book and method to
> learn LDAP...
> LDAP System Administration by Gerald Carter. Book is now getting old,
> long in the tooth, uses ldbm instead of bdb but the book makes it really
> obvious how to use LDAP and once you learn that, customizing it for what
> you want to accomplish is simple.

Thank God we don't take that approach to all the other major apps. Half
this group would be without email or a network to pipe it through. I
studied sendmail for a solid week in a real paid-for classroom setting.
But, I'd STILL prefer a gui anyday of the week as, without regular use,
the knowledge has completely escaped me. Gone. Phfffft! Up in smoke.
Departed. Gone to the hereafter and the rest of that Dead Parrot
routine.

I *could* go back and re-learn how to script HTML with vi, but I'm lazy
as heck and much prefer to use an WYSIWYG HTML editor. Same thing. At
any rate, I've buckled down hard, on three occasions, from scratch, and
could not manage to get it to work. And, I'm admitting to it, open to
the dread of potential public shame and ridicule. I set up the scripts
and somewhere in the setting up of the mysql entries it burps and
refuses to work. Just maybe the howtos were a little bit outa date?

So, I'd also have to learn all of the mysteries of MSQL in order to get
past that as well? I used to run dbaseII from command line in CP/M. I
hated that too! <grins hugely> I just want for our mailing list of 1,300
entries to be accessible to the web to just a couple of users. I just
never imagined it would be so difficult. I've done the hard
part ...typing all of that membership stuff in. OK, I'll try it one more
time, but it won't be tonight! <sighs> Ric



--
================================================
My father, Victor Moore (Vic) used to say:
"There are two Great Sins in the world...
..the Sin of Ignorance, and the Sin of Stupidity.
Only the former may be overcome." R.I.P. Dad.
Linux user# 44256 Sign up at: http://counter.li.org/
http://www.sourceforge.net/projects/oar
http://www.wayward4now.net <---down4now too
================================================

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-21-2008, 12:39 PM
Craig White
 
Default Ldap, Pam, Nss, Samba

On Fri, 2008-03-21 at 03:09 -0400, Ric Moore wrote:
> On Thu, 2008-03-20 at 21:45 -0700, Craig White wrote:

> > If you want the one-vision, GUI based, rigidly designed, fill in some
> > blanks, check off some boxes LDAP, Microsoft Active Directory is the
> > ticket. But you will bang your head against the wall once you try to
> > customize it.
>
> I would prefer that one-vision GUI based, rigidly designed, fill in some
> blanks, check off some boxes LDAP, to just get it to work, with room to
> try hand editing a *working* system later, all in Open Source. How 'bout
> those apples?? <cackles> If the M$ idiots can do it, are you saying that
> our propeller heads can't?? Say it ain't so!
----
They exist but only as a turnkey type setup like the smbldap setup
within k12ltsp.

Here's the problem...the LDAP solution provided fits only their purpose,
in the end, you still haven't learned a thing about LDAP and heaven
forbid you need to extend LDAP for other uses or maintain OpenLDAP
because it breaks, you haven't a clue on how to fix it. OpenLDAP uses
berkley db and it's not a friendly system for repair without knowledge.

Add to that, the fact that their are so many options, SASL, Kerberos,
SSL Certificates for server and for clients presents a really complex
set of choices. Fedora Directory Server which I linked earlier does
simplify some of this stuff and that is probably the only open source
hope you have for trying to use an LDAP authentication setup that you
don't have to learn the nuts and bolts but that's still quite a ways
away from being what you are looking for.

'to just get it to work' doesn't mean anything...what you want it to do
is different from what I want it to do and thus everyone's definition of
'just work' is entirely different.
----
> >
> > The really simple answer...learn LDAP. The simple book and method to
> > learn LDAP...
> > LDAP System Administration by Gerald Carter. Book is now getting old,
> > long in the tooth, uses ldbm instead of bdb but the book makes it really
> > obvious how to use LDAP and once you learn that, customizing it for what
> > you want to accomplish is simple.
>
> Thank God we don't take that approach to all the other major apps. Half
> this group would be without email or a network to pipe it through. I
> studied sendmail for a solid week in a real paid-for classroom setting.
> But, I'd STILL prefer a gui anyday of the week as, without regular use,
> the knowledge has completely escaped me. Gone. Phfffft! Up in smoke.
> Departed. Gone to the hereafter and the rest of that Dead Parrot
> routine.
>
> I *could* go back and re-learn how to script HTML with vi, but I'm lazy
> as heck and much prefer to use an WYSIWYG HTML editor. Same thing. At
> any rate, I've buckled down hard, on three occasions, from scratch, and
> could not manage to get it to work. And, I'm admitting to it, open to
> the dread of potential public shame and ridicule. I set up the scripts
> and somewhere in the setting up of the mysql entries it burps and
> refuses to work. Just maybe the howtos were a little bit outa date?
>
> So, I'd also have to learn all of the mysteries of MSQL in order to get
> past that as well? I used to run dbaseII from command line in CP/M. I
> hated that too! <grins hugely> I just want for our mailing list of 1,300
> entries to be accessible to the web to just a couple of users. I just
> never imagined it would be so difficult. I've done the hard
> part ...typing all of that membership stuff in. OK, I'll try it one more
> time, but it won't be tonight! <sighs> Ric
----
Your rant is typical of those who rant about LDAP. They don't understand
it, how it works, how to make it work and don't want to invest the time
to learn it.

The solution is simple...buy the book I suggested and invest 3 hours -
that's all it takes, and you will understand LDAP and see the
pointlessness of your rant.

Craig

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-21-2008, 11:42 PM
Ric Moore
 
Default Ldap, Pam, Nss, Samba

On Fri, 2008-03-21 at 06:39 -0700, Craig White wrote:

> Your rant is typical of those who rant about LDAP. They don't understand
> it, how it works, how to make it work and don't want to invest the time
> to learn it.
>
> The solution is simple...buy the book I suggested and invest 3 hours -
> that's all it takes, and you will understand LDAP and see the
> pointlessness of your rant.

It wasn't completely pointless, I felt a LOT better after venting.
<smirks> Ric

--
================================================
My father, Victor Moore (Vic) used to say:
"There are two Great Sins in the world...
..the Sin of Ignorance, and the Sin of Stupidity.
Only the former may be overcome." R.I.P. Dad.
Linux user# 44256 Sign up at: http://counter.li.org/
http://www.sourceforge.net/projects/oar
http://www.wayward4now.net <---down4now too
================================================

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-22-2008, 02:26 AM
Craig White
 
Default Ldap, Pam, Nss, Samba

On Fri, 2008-03-21 at 20:42 -0400, Ric Moore wrote:
> On Fri, 2008-03-21 at 06:39 -0700, Craig White wrote:
>
> > Your rant is typical of those who rant about LDAP. They don't understand
> > it, how it works, how to make it work and don't want to invest the time
> > to learn it.
> >
> > The solution is simple...buy the book I suggested and invest 3 hours -
> > that's all it takes, and you will understand LDAP and see the
> > pointlessness of your rant.
>
> It wasn't completely pointless, I felt a LOT better after venting.
> <smirks> Ric
----
until next time...

Craig

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 

Thread Tools




All times are GMT. The time now is 06:39 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org