Building an LDAP Server on Linux, Part 1

LDAP provides central management of access, authentication, and authorization -- in other words, it makes your life as an admin much easier. Learn the ins and outs of LDAP as well as how to build your own LDAP server in this three-part series.

 By Carla Schroder
Page 1 of 3
Print Article

Your network is growing in size and complexity. It's taking on a life of its own, spreading and growing and absorbing everything in its path. You're tearing your hair out trying to keep track, and your users have somehow discovered your secret phone number and are pestering you with endless questions and demands — where do I find this; I don't want to keep track of a dozen different passwords; nothing works like it should.

Of several possible solutions, consider two: 1) find a new hiding place, or 2) implement an LDAP server. While finding a new hiding place might sound ideal, it's an option we're going to have to save for a future article. This series will instead explain what LDAP is good for, detail how to build an LDAP server, and cover what you can do with it.

What LDAP Can Do

In a nutshell, LDAP provides central management of access, authentication, and authorization. It's easily customizable and can:

  • Centralize user and group management
  • Centralize information stores
  • Set security and access control
  • Securely delegate read and modification authority
  • Serve almost any platform
  • Scale efficiently
What LDAP Cannot Do

  • Be a heavy-duty relational or transactional database
  • Be a filesystem
  • Leap tall buildings in any number of bounds
The LDAP protocol is cross-platform, network-aware, and standards-based. There are all kinds of LDAP implementations from all kinds of vendors. This series will focus on OpenLDAP on Linux.

Page 2: To DB or Not to DB

This article was originally published on Oct 7, 2003
Get the Latest Scoop with Networking Update Newsletter