- Paperback: 312 pages
- Publisher: O'Reilly Media; 1 edition (March 30, 2003)
- Language: English
- ISBN-10: 1565924916
- ISBN-13: 978-1565924918
- Product Dimensions: 7 x 0.8 x 9.2 inches
- Shipping Weight: 1.2 pounds (View shipping rates and policies)
- Average Customer Review: 33 customer reviews
Amazon Best Sellers Rank:
#547,887 in Books (See Top 100 in Books)
- #10 in Books > Computers & Technology > Networking & Cloud Computing > Networks, Protocols & APIs > LDAP
- #90 in Books > Computers & Technology > Networking & Cloud Computing > Intranets & Extranets
- #123 in Books > Computers & Technology > Networking & Cloud Computing > Networks, Protocols & APIs > LAN
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
LDAP System Administration: Putting Directories to Work 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
Fulfillment by Amazon (FBA) is a service we offer sellers that lets them store their products in Amazon's fulfillment centers, and we directly pack, ship, and provide customer service for these products. Something we hope you'll especially enjoy: FBA items qualify for FREE Shipping and Amazon Prime.
If you're a seller, Fulfillment by Amazon can help you increase your sales. We invite you to learn more about Fulfillment by Amazon .
"Enlightenment Now: The Case for Reason, Science, Humanism, and Progress"
Is the world really falling apart? Is the ideal of progress obsolete? Cognitive scientist and public intellectual Steven Pinker urges us to step back from the gory headlines and prophecies of doom, and instead, follow the data: In seventy-five jaw-dropping graphs, Pinker shows that life, health, prosperity, safety, peace, knowledge, and happiness are on the rise. Learn more
Frequently bought together
Customers who bought this item also bought
Customers who viewed this item also viewed
"This is a clearly written and well structured book with good use of example and figures... I thoroughly commend the text to those who are looking to centralise information directories." - Raza Rizvi, news@UK, December 2003
About the Author
Gerald (Jerry) Carter received his Masters degree in Computer Science from Auburn University, where he continues to pursue his PhD. He has been a member of the Samba development Team since 1998 and his involvement with Unix systems and network administration of UNIX began in 1995. Jerry currently works for HP, working on embedded printing appliances. Having published articles with various web-based magazines, he teaches instructional courses as a consultant for several companies and conferences.
Top customer reviews
There was a problem filtering reviews right now. Please try again later.
LDAP System Administration starts with a brief review of LDAP in its incarnations and takes you quickly into the theory of distributed directory services. This book will work best if you some place where you can experiment with the commands a bit.
The book does a good job of describing LDIF files which are a must for all but the most insignificant updates. Once you have an understanding of the commands, I suggest you get one of the graphical tools discussed in the book. These tools will allow you to import and export LDIF files and, in general, make your life a delight.
If you are building your first distributed directory implementation, get one of the books on Unix system administration or the NIS/NFS system administration book.
Though I bought the paper version of this book, I was happy to see a Kindle version available. I may still yet get the Kindle version but for now, the paper version is meeting my needs.
Chapter 1 LDAP is defined and you are pointed to the appropriate RFC's.
Chapter 2 is an overview of the LDAPv3 and explains very well the format of the LDIF directory data/structure files. Incidentally, I found that this book enhanced my understanding of Microsofts Active Directory which encompasses among other things LDAPv3.
Chapter 3 familiarizes you with the slapd.conf file and the example uses an SSHA hashed rootpw (an OpenSSL algorithm) and introduces you to the use of ACL's in this server config file.
Chapter 4 leads you through building a company white pages using the command line (which you certainly should know how to do even if you are a GUI fan); the chapter concludes with a brief list of GUI editors for the faint of heart.
Chapter 5 explains replicating to a backup LDAP server with slurpd, enhanced backups using generated LDIF files and distributing the directory to maximize network traffic efficiency. Additions, deletions and modifications to the database are illustrated. Searching is briefly, but concisely explained.
Chapter 6 begins Part II, application integration. The Pluggable Authentication module pam_ldap and it's configuration file, ldap.conf are discussed and there is a list of ldap.conf parameters with explanations. Replacing NIS with LDAP is covered in this chapter. Chapter 6 ends with a brief overview of security mechanisms in LDAPv3.
Chapter 7 presents LDAP as a directory storing email addresses and other contact information. Configuration examples for connection 4 popular email clients are included. Integration with 3 popular MTA's (postfix, sendmail and Exim) round out the chapter.
Chapter 8 introduces integration of network services other than authentication and email with LDAP. Among other things, DNS, printing and Samba LDAP integration are discussed.
Chapter 9 has a few valuable pointers in interoperability with other platforms, specifically Windows 2000 Active Directory. Digital certificates and Kerberos authentication on the Windows platform as relating to *nix are very briefly discussed.
Chapter 10, Net::LDAP and Perl gives a mainly informational overview of connecting, binding and searching and contains sample scripts using the Net::LDAP module. It also demonstrates adding, updating and deleting entries using Perl scripts instead of the LDIF methods earlier in the book. Note, however that this is not a book about programming; it is a book about LDAP Administration.
Lastly, this book does need an update. Some modules which were separate entities not so long ago are now symbolic links; for example:
/usr/local/sbin/slapacl -> slapd
/usr/local/sbin/slapadd -> slapd
/usr/local/sbin/slapauth -> slapd
/usr/local/sbin/slapcat -> slapd
/usr/local/sbin/slapdn -> slapd
/usr/local/sbin/slapindex -> slapd
/usr/local/sbin/slappasswd -> slapd
/usr/local/sbin/slaptest -> slapd
Even the best needs to be updated; and when it is I will be one of the first to purchase it.
LDAP protocol will very likely solve the complex problem of redundant authentication/authorization data spread across heterogenous networks. However, whether your users access resources through passwords or some other mechanism one thing stands out.
If your security database resides in one place, it must be secured and precautions taken that authentication data traversing the network cannot be sniffed or otherwise compromised. In general, most admins accomplish this by encryption using SSH/SSH2 or OpenSSH.
OpenSSH, in turn uses the encryption libraries of OpenSSL so it's a required dependency.
To summarize, IMHO: LDAP is only 1 part of the solution and this book covers it better than any other I have seen. No single reference will cover all the bases and like any well written book this one keeps the focus on the major subject of LDAP, but offers references to other related topics.
Above my workstation is a wooden shelf containing my most important references; this is one of them. I have found the following volumes very helpful and LDAP plays well with these technologies.
"LDAP System Administration" by Gerald Carter.
"SSH The Secure Shell, The Definitive Guide" by Daniel J. Barrett, Richard E. Silverman & Robert G. Byrnes.
"Network Security with OpenSSL" by John Viega, Matt Messier & Pravir Chandra.
"Kerberos: The Definitive Guide" by Jason Garman
These 4 volumes will help you both in securing your network and making it more productive and accessable to authorized users. These volumes complement each other.
If you need guidance for software development, you might try "Secure Programming Cookbook for C and C++" by John Viega and Matt Messier
Definitely Five stars - even though it does need updating.
This book fills a knowledge void and can make your life a lot easier. It can save you hours of Google searches, searching forums, pumping your friends for tips, trial and error, and grep'ing log files; this one deserves a slot in your special library.