Git Product home page Git Product logo

chef-openldap-server's Introduction

openldap-server cookbook

Requirements

Ubuntu >= 10.04 or Debian >= 7.0.0
Requirement is based on slapd package minimum requirement of 2.4.
OpenLDAP 2.4 included the dynamic config option, which is what this cookbook uses

Usage

  • include_recipe 'openldap-server::default'

    • Installs OpenLDAP from the package repo
    • Configures a basic ldap database
      • Includes People, Groups, and Services OU containers
      • Includes the memberOf overlay
      • Includes ppolicy overlay
      • Sets up access controls/no unauthenticated access

  • Setup attributes listed below *

  • You can optionally supply your own ldif instead of using the provided *

Attributes

Main Options

Domain name to use which creates the suffix
node['openldap-server'][:domain] = 'default.com'

Root password for the LDAP database
This can and should be hashed and salted, use slappasswd to generate
node['openldap-server'][:rootpw] = 'default'

User attribute to use for root user
This ends up as "cn=admin,dc=example,dc=com"
node['openldap-server'][:root_user_attr] = "cn=admin"

Where do you want the ldap DB to be stored
node['openldap-server'][:db_dir] = '/var/lib/ldap'

You can use these options in your own template if you like
To supply your own ldif template/file to use
node['openldap-server'][:db_ldif] = 'db.ldif.erb'

Default Config Options (/etc/default/slapd)

default['openldap-server'][:default_config][:slapd_conf] = nil # SLAPD_CONF  
default['openldap-server'][:default_config][:slapd_user] = 'openldap' # SLAPD_USER  
default['openldap-server'][:default_config][:slapd_group] = 'openldap' # SLAPD_GROUP  
default['openldap-server'][:default_config][:slapd_pidfile] = nil # SLAPD_PIDFILE  
default['openldap-server'][:default_config][:slapd_services] = "ldap:/// ldapi:///" # SLAPD_SERVICES  
default['openldap-server'][:default_config][:slapd_nostart] = false # SLAPD_NO_START  
default['openldap-server'][:default_config][:slapd_sentinel_file] = '/etc/ldap/noslapd' # SLAPD_SENTINEL_FILE  
default['openldap-server'][:default_config][:slapd_kerb_file] = '/etc/krb5.keytab' # KRB_KTNAME  
default['openldap-server'][:default_config][:slapd_options] = nil # SLAPD_OPTIONS

Recipes

openldap-server::install - Installs OpenLDAP

openldap-server::createdb - Creates basic DB

openldap-server::default - includes both install and createdb reciepes

Author

Author:: cpuguy83 ([email protected])

chef-openldap-server's People

Contributors

cpuguy83 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.