
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
220
|
Chapter 7: Using LDAP for Authentication
Without going into the technical reasons, I must point out that if you wish to use
this sort of a structure with a large number of users, you’ll greatly enhance your
LDAP server’s performance by splitting your “people”
ou into “sub-OUs”—i.e., by
combining the structures in Figures 7-2 and 7-3 into something like Figure 7-4.
These are just a few examples of LDAP database structures. Your only real limits,
here, are your imagination and your stomach for hacking LDAP schema. (More on
schema hacking shortly.)
Setting Up the Server
If you’re like me, you’re a lot less interested in LDAP theory than you are in LDAP
practice, so let’s go ahead and install OpenLDAP—we’ll go further with LDAP data-
base design in a minute. (And if you aren’t like me, then good for you! But you’ll still
have to skip ahead a few pages if you want more LDAP theory right this instant.)
Getting and Installing OpenLDAP
Being such a useful and important thing, OpenLDAP is included in most major
Linux distributions. Generally, it’s split across multiple packages: server daemons in
one package, client commands/programs in another, development libraries in still
another, etc. You’re building an LDAP server, so naturally you’ll want to install your
distribution’s OpenLDAP server ...