LDAP and OpenLDAP (LDAP)

Unix-like systems, Linux - services

This course aims to introduce LDAP technologies to students and to teach them basic OpenLDAP server administration. Students will learn how to install OpenLDAP server, learn to configure LDAP as user database in Linux. Students will also learn how to integrate LDAP with common Linux services.

Location, current course term

Contact us

Vlastní

Školení na míru (termín, lokalita, obsah, délka)

The course:

Hide detail

• LDAP Concepts and Architecture
1. LDAP and X.500 technical specification
2. Attribute definitions
3. Directory namespaces
4. Distinguished names

• Directory Design
1. Define LDAP directory content
2. Organize directory
3. Planning appropriate Directory Information Trees

• Schemas
1. LDAP schema concepts
2. Create and modify schemas
3. Attribute and object class syntax

• Compiling and Installing OpenLDAP
1. Compile and configure OpenLDAP from source
2. Manage OpenLDAP daemon
3. Troubleshoot errors during installation

• Access Control Lists in LDAP
1. Plan LDAP access control lists
2. Grant and revoke LDAP access permissions
3. Access control syntax

• LDAP Replication
1. Replication concepts
2. Configure OpenLDAP replication
3. Execute and manage slurpd
4. Analyze replication log files
5. Understand replica hubs
6. LDAP referrals
7. LDAP sync replication

• Securing the Directory
1. Securing the directory with SSL and TLS
2. Firewall considerations
3. Unauthenticated access methods
4. User / password authentication methods
5. Maintanence of SASL user DB
6. Client / server certificates

• LDAP Server Performance Tuning
1. Measure LDAP performance
2. Tune software configuration to increase performance
3. Understand indexes

• OpenLDAP Daemon Configuration
1. slapd.conf configuration directives
2. slapd.conf database definitions
3. slapd and its command line options
4. Analyze slapd log files

• Searching the Directory
1. Use OpenLDAP search tools
2. Optimize LDAP search queries
3. Knowledge of search filters and their syntax

• LDAP Command Line Tools
1. Use the ldap* tools to access and modify the directory
2. Use the slap* tools to access and modify the directory

• Whitepages
1. Plan whitepages services
2. Configure whitepages services
3. Configure clients to retrieve data from whitepages services

• LDAP Integration with PAM and NSS
1. Configure PAM to use LDAP for authentication
2. Configure NSS to retrieve information from LDAP
3. Configure PAM modules in various Unix environments

• Integrating LDAP with Unix Services
1. Integrate SSH with LDAP
2. Integrate FTP with LDAP
3. Integrate HTTP with LDAP
4. Integrate FreeRADIUS with LDAP

• Integrating LDAP with Samba
1. Migrate from smbpasswd to LDAP
2. Understand OpenLDAP Samba schema
3. Understand LDAP as a Samba password backend

• Integrating LDAP with Email Services
1. Plan LDAP schema structure for email services
2. Create email attributes in LDAP
3. Integrate Postfix with LDAP

• Measure Resource Usage
1. Measure CPU, memory, disk I/O, network I/O
2. Measure firewalling and routing throughput
3. Map client bandwidth usage

• Troubleshoot Resource Problems
1. Match / correlate system symptoms with likely problems
2. Identify bottlenecks in a system

• Analyze Demand
1. Identify capacity demands
2. Detail capacity needs of programs
3. Determine CPU / memory needs of programs
4. Assemble program needs into a complete analysis

• Predict Future Resource Needs
1. Predict capacity break point of a configuration
2. Observe growth rate of capacity usage
3. Graph the trend of capacity usage

Assumed knowledge:

Basic Linux administration.

Recommended previous course:

Linux - Basic Administration (LNX1)

Schedule:

3 days (9:00 AM - 5:00 PM )

Language: