
OpenLDAP Alternative

NightShade03 Member Posts: 1,383 ■■■■■■■□□□
So I've been playing with this OpenLDAP server for a week now and I've managed to get it working, although I still can't figure out TLS integration. I have set up a CentOS-Directory Server and it comes with a Java GUI + command line; took me 5 minutes to do that lol

Anyone know the differences between the two? I wouldn't want to invest time in OpenLDAP if CentOS-DS is easier, but I also want to make sure CentOS-DS is good to use.

Comments

  • darkerosxx Banned Posts: 1,343
    Directory Server is pretty well respected, I haven't heard of any problems with it.

    Check out FreeIPA. I'm actually testing it now; they're supposed to have V2 ready to be released with RHEL6 (CentOS 6).

    Main Page - Free IPA
  • Forsaken_GA Member Posts: 4,024
    Out of curiosity, what OS were you implementing OpenLDAP on?

    If it's Debian, a large part of your TLS problems are probably coming from the fact that they started compiling OpenLDAP against libgnutls instead of libssl. I had a lot of problems with TLS until I recompiled it against libssl.
  • NightShade03 Member Posts: 1,383 ■■■■■■■□□□
    CentOS 5.4....The problem is the lack of documentation really and needing to figure things out without guidance (although it is a good way to learn).

    The TLS issue specifically is that the clients refuse to connect to the server because the "CA is unknown" (which I'm guessing stems from a self-signed certificate).

    Been using CentOS-DS all day and it is pretty good so far.
  • sidsanders Member Posts: 217 ■■■□□□□□□□
    CentOS 5.4....The problem is the lack of documentation really and needing to figure things out without guidance (although it is a good way to learn).

    The TLS issue specifically is that the clients refuse to connect to the server because the "CA is unknown" (which I'm guessing stems from a self-signed certificate).

    Been using CentOS-DS all day and it is pretty good so far.

    You need to distribute the CA cert to the clients. You can always create a CA, make a cert req, sign it. That way you won't have a self-signed cert (I try to avoid that). I'm a huge fan of OpenLDAP.

    Forsaken_GA on gnutls --> ya, there have been some threads on the OpenLDAP lists on how poopy the gnutls stuff can be.
    GO TEAM VENTURE!!!!
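
The procedure sidsanders describes (create a CA, make a certificate request, sign it, then give the CA certificate to the clients), written out as an added shell example that is not part of the original thread. The CA name, the host name ldap.example.test and all file names are constructed placeholders, and the openssl command-line tool is assumed to be installed.

```bash
#!/usr/bin/env bash
# Added example; Example Lab CA and ldap.example.test are constructed placeholders.

write_config() {   # $1 = work dir; one config serves both the CA and the server cert
  cat > "$1/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt             = no
x509_extensions    = v3_ca
[dn]
O  = Example Lab
CN = Example Lab CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage         = critical,keyCertSign,cRLSign
[v3_server]
basicConstraints = CA:FALSE
extendedKeyUsage = serverAuth
subjectAltName   = DNS:ldap.example.test
EOF
}

make_ca() {        # self-signed root; ca.crt is the file the clients must be given
  openssl req -x509 -config "$1/pki.cnf" -newkey rsa:2048 -nodes -sha256 \
    -days 3650 -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

make_server_cert() {   # key + request for the LDAP server, then the CA signs it
  openssl req -new -config "$1/pki.cnf" -newkey rsa:2048 -nodes \
    -subj "/O=Example Lab/CN=ldap.example.test" \
    -keyout "$1/server.key" -out "$1/server.csr" 2>/dev/null &&
  openssl x509 -req -in "$1/server.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
    -CAcreateserial -sha256 -days 365 -extfile "$1/pki.cnf" \
    -extensions v3_server -out "$1/server.crt" 2>/dev/null
}

client_trusts() {  # $1 = server cert, $2 = CA file present on the client ("" = none)
  if [ -n "$2" ]; then openssl verify -CAfile "$2" "$1"
  else openssl verify "$1"; fi >/dev/null 2>&1
}

# Same server certificate, checked by a client without and with the CA certificate.
work=$(mktemp -d) && write_config "$work" && make_ca "$work" && make_server_cert "$work"
client_trusts "$work/server.crt" ""             || echo "no CA on client: rejected"
client_trusts "$work/server.crt" "$work/ca.crt" && echo "CA distributed: accepted"
```

On an OpenLDAP client, the copied ca.crt is the file that the `TLS_CACERT` directive in ldap.conf points at; only ca.crt is distributed, while ca.key stays with whoever runs the CA.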