Sebastopol, CA--For system administrators, running multiple servers on multiple platforms is the rule these days rather than the exception--and it's a situation with the potential to turn into an administrative nightmare. Lightweight Directory Access Protocol, or LDAP, has proved to be the answer for many an overburdened system administrator. With its ability to consolidate existing network services into a single directory, LDAP can restore order, efficiency, and allow sys admins to do more with less--an important consideration in these lean times. In recent months, a growing number of products that rely on LDAP--including those from Microsoft (Active Directory), Sun, and Novell (NDS)--have hit the market, making it easier than ever to implement LDAP. But, according to Jerry Carter, author of LDAP System Administration (O'Reilly, US $39.95), those who want to master LDAP need to go one step further.
"The main problem I find is that administrators generally get exposed to LDAP only from the perspective of a given vendor," he explains. Carter's new book addresses LDAP from a vendor-neutral viewpoint so administrators can quickly understand and implement the technology no matter what version they use. After reading it, he says, "a competent administrator with no understanding of LDAP at all will be able to integrate a directory server into essential network services such as mail, DNS, HTTP, and SMB/CIFS."
With information on network software such as sendmail, Samba, Apache, and Radius, "LDAP System Administration" offers sys admins the tools they need to centralize usernames, passwords, printer configurations, email client configurations, network filesystem configurations, and other services located on different machines across a network. Carter points out that it's not just a matter of pouring a multitude of smaller pots into a larger pot. LDAP helps sys admins organize information to reduce overhead and data redundancy. Rather than maintaining several administrative databases (NIS, Active Directory, Samba, and NFS configuration files), administrators can make changes in only one place and have all of their systems immediately "see" the updated information.
To demonstrate the concept, Carter's book takes a hands-on approach, using the OpenLDAP 2 directory as a premise for examples. OpenLDAP 2 is an open source application that ships with Mac OS X and most Linux distributions, and can be easily downloaded for most Unix-based systems, though the expertise Carter teaches is also applicable to LDAP products from Microsoft, Sun, Novell, and others. Readers learn specifically how to install and run OpenLDAP 2, using techniques to replace local username and password lookups, among other skills. "LDAP System Administration" also shows how to use LDAP to replace NIS, and how to interoperate with different LDAP servers, including Active Directory.
"It's a dedicated book on LDAP, not just a single chapter in a tome of sys admin HOWTOs," Carter explains. "LDAP will only become more important as network services and device expect some type of directory service to be available. Examples of this can be seen by the Directory Enabled Networks (DEN) initiative and the Directory Services Markup Langage (DSML) specifications. It's my belief that LDAP will continue to move beyond NIS replacements and addressbooks."
Chapter 7, Email and LDAP is available free online
For over 40 years, O’Reilly has provided technology and business training, knowledge, and insight to help companies succeed. Our unique network of experts and innovators share their knowledge and expertise through the company’s SaaS-based training and learning platform. O’Reilly delivers highly topical and comprehensive technology and business learning solutions to millions of users across enterprise, consumer, and university channels. For more information, visit www.oreilly.com.