Seaghan McNelis
smcnelis@symas.com
0
Article
Last Month
How to Create Certificates for OpenLDAP
Published March 1st, 2024 by Seaghan McNelis
In this article, we are assuming you have OpenSSL installed. You will first generate a CA certificate and then server certificates for each OpenLDAP server in your environment. What Is SSL? Secure Sockets Layer (SSL) is a communication protocol that encrypts data sent between devices or applications on a network. It's a standard technology that prev
Configure SSSD with LDAP on CentOS/RHEL7 Client
Published March 1st, 2024 by Seaghan McNelis
Replace ‘certfile.crt’ with your own .crt file. Before proceeding make sure you have a CA certificate created, learn how to by clicking here. 1. Place the CA certificate in the necessary directory: /opt/symas/ssl/ca/certfile.crt 2. If /opt/symas/ssl/ca/ does not exist, create the directory: mkdir -p /opt/symas/ssl/ca/ 3. Install SSSD client on the
Configure SSSD with LDAP on Ubuntu Client
Published March 1st, 2024 by Seaghan McNelis
Replace ‘certfile.crt’ with your own .crt file. Before proceeding make sure you have a CA certificate created, learn how to by clicking here. 1. Place the CA certificate in the necessary directory: /opt/symas/ssl/ca/certfile.crt 2. If /opt/symas/ssl/ca/ does not exist, create the directory: mkdir -p /opt/symas/ssl/ca/ 3. Install SSSD client on the
Configure SSSD with LDAP on CentOS/RHEL6 Client
Published February 29th, 2024 by Seaghan McNelis
Replace ‘certfile.crt’ with your own .crt file. Before proceeding make sure you have a CA certificate created, learn how to by clicking here. 1. Place the CA certificate in the necessary directory: /opt/symas/ssl/ca/certfile.crt 2. If /opt/symas/ssl/ca/ does not exist, create the directory: mkdir -p /opt/symas/ssl/ca/ 3. Install SSSD client on the
SSSD and OpenLDAP
Published February 28th, 2024 by Seaghan McNelis
Updated by S. McNelis Date: 06-12-2024 This guide describes how to set up SSSD (System Security Services Daemon) and an OpenLDAP server to manage user authentication on various machines when user data is stored on a remote OpenLDAP server. SSSD builds on various services like PAM, NSS, and SSH to provide a centralized authentication solution. Instal
Configure LDAP Client on Ubuntu
Published February 23rd, 2024 by Seaghan McNelis
Install and configure LDAP client on Ubuntu Please attempt to setup SSSD client first. LDAP Client setup will be for older OSes. 1. Install LDAP client utilities on the Ubuntu client: sudo apt -y install libnss-ldap libpam-ldap ldap-utils 2. Enter LDAP URI - This information can be the IP address or hostname of the ldap server: ldap://ma1prdlda
What is LDIF?
Published February 29th, 2024 by Seaghan McNelis
The LDAP Data Interchange Format (LDIF) serves as a standard plain text format for representing LDAP directory content. Each entry in the LDAP directory is represented as a record in LDIF format, facilitating the description of directory objects and any modifications that need to be made. LDIF Fields DN (Distinguished Name): Uniquely identifies an e
Setup Back_LDAP Proxy
Published February 28th, 2024 by Seaghan McNelis
Date: 01-17-2022 Last Updated: 08-08-2024 Overview The LDAP backend redirects requests to another server, acting as an LDAP proxy. This allows the use of common configuration directives such as suffix, which selects the appropriate backend when a request is received by the server. Access control lists (ACLs), size and time limits, and other settings
How to Update OpenLDAP Configuration Dynamically
Published September 4th, 2024 by Seaghan McNelis
Date: 09-04-2024 Overview This guide explains how to update the OpenLDAP configuration offline using the slapmodify command without running the slapd service. This process can be useful for making critical configuration changes, such as updating the root password or modifying access controls, when the normal ldapmodify operation is not sufficient du
Securing Replication
Published February 28th, 2024 by Seaghan McNelis
Date: 11-04-2022 Secure Protocols Symas OpenLDAP offers two protocols for securing (encrypting) replication connections: LDAPS (ldaps://\/) LDAP over TLS (ldap://\/ + START_TLS) Both protocols require the use of a common TLS CA certificate issued by a trusted certificate authority (CA) for establishing an encrypted connection between the replication
LDIFAnon Example: Input and Anonymized Output
Published November 14th, 2024 by Seaghan McNelis
Overview This article provides a simple example of how ldifanon processes an LDIF file. The example shows both the original LDIF input and the corresponding anonymized output after running ldifanon with a blacklist of attributes to be anonymized. This should help users understand how the tool works and what to expect from the anonymization process.
Uninstall/Upgrade Symas OpenLDAP
Published March 1st, 2024 by Seaghan McNelis
Date: 01-17-2022 Updated: 07-08-2024 Recommended Order for Upgrades Normally, upgrades can be performed on any server in any order. However, Symas recommends performing upgrades to consumer servers before producer servers. If any part of the process encounters a problem, it is easier to restore a consumer server than a producer. Additionally, this w
Load More