Openldap
From wikinotes
LDAP is a read-optimized, scalable(distributed) way of storing data with 2x goals:
- sharing information with unrelated services
- fine-grained, filter-rule based authorization to every stored attribute
It does this by:
- Storing information using pre-defined, standardized Attributes (posixPassword, username, employeeNumber, mail, ipaddress, port, ...)
- Create/ReUse groups of attributes called ObjectClasses (Person, Organization, Account, ...)
- Entries are instances of these ObjectClasses.
- Entries are stored in a hierarchy, which can be anything you'd like.
Using this stored information, LDAP can be used to integrate several entirely unrelated services.
- It can be used to handle multiple authentication methods for single-sign-in (SSO)
- It can be used to share user images, descriptions etc with various programs
- It can use to determine what resources (websites, services, machines) a user should have permission to use.
Documentation
official docs https://www.openldap.org/doc/admin24/
Locations
/var/lib/ldap
location of ldap data (generally in bdb files) /etc/ldap/slapd.d
location of ldap configuration
Notes
openldap install openldap tutorials openldap concepts openldap components openldap configuration openldap usage openldap urls
Integrations
phpldapadmin