LDAP: Difference between revisions
Jump to navigation
Jump to search
(Created page with "The [https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol Lightweight Directory Access Protocol (LDAP)] is used in RevSpace in most places where authentication...") |
(Add shell server) |
||
| Line 31: | Line 31: | ||
* [https://forum.revspace.nl Forum] | * [https://forum.revspace.nl Forum] | ||
* [[Spacenet|Spacenet RADIUS]] | * [[Spacenet|Spacenet RADIUS]] | ||
* [[Shell-jessie|Shell server]] | |||
Revision as of 16:52, 22 March 2024
The Lightweight Directory Access Protocol (LDAP) is used in RevSpace in most places where authentication is required.
Backend
- Server: ldap2.space.revspace.nl
- IP: 10.42.42.9
- Port: 636 (TLS)
- Software: slapd (openldap)
- Config: /etc/ldap/slapd.conf
- Database: LDIF (for easy recovery/editing)
- Location: /var/lib/ldap/data
- ACL: yes
Layout
dc=space,dc=revspace,dc=nl `-+- ou=groups # groepen van entiteiten | `-+- cn=board # groep van bestuursleden | `- cn=sudoers # groep van sysadmins +- ou=people # natuurlijke personen | `- uid=... +- ou=services # niet-natuurlijke personen | `- cn=... `- cn=admin # fallback admin account (emergency, console access, hardcoded in slapd.conf)