[ale] Low resource, easy to admin LDAP server
Alex Carver
agcarver+ale at acarver.net
Fri Dec 23 10:41:17 EST 2016
Might be a bit much for a Raspberry Pi. :) The intent is for populating
the directory of a few SIP phones at home. The Pi is running Asterisk
for all the VoIP functions and TFTPd for provisioning the phones so I
just needed a tiny LDAP to have a direct-dial directory otherwise I have
to program the phones one at a time manually (there is no remote
provisioning for the phone's local directory). Unfortunately the phone
only supports LDAP for its directory function.
On 2016-12-23 05:21, Jim Kinney wrote:
> Hah, hah. I don't think of hard drive space or package count any more. For me,
> an application that pulls in 150 dependencies and requires 280 MB when installed
> is nothing when it's on a system with 6 4TB drives in a RAID6.
>
> As I use freeipa at work, it's pretty easy to setup and it includes automatic
> replication. Since I don't have to do a zillion configuration steps before it
> runs, that's "lightweight" for me.
>
> Yeah. Freeipa is overkill for just storing names and phone numbers. A flat file
> and a grep search is really light and fast enough up to many hundreds of
> entries. Slap a tiny perl/python/ruby web front end on it and call it a day.
>
> On Dec 22, 2016 10:37 PM, "DJ-Pfulio" <DJPfulio at jdpfu.com
> <mailto:DJPfulio at jdpfu.com>> wrote:
>
> And FreeIPA meets those requirements? Truly?
> $ sudo apt install freeipa-server
> Reading package lists... Done
> Building dependency tree
> Reading state information... Done
>
> The following additional packages will be installed:
> 389-ds-base 389-ds-base-libs ant ant-optional apache2 apache2-bin
> apache2-data apache2-utils bind9 bind9-dyndb-ldap bind9utils certmonger
> custodia dogtag-pki-server-theme fonts-font-awesome freeipa-admintools
> freeipa-client freeipa-common freeipa-server-dns glassfish-activation
> ieee-data junit krb5-admin-server krb5-config krb5-kdc krb5-kdc-ldap
> krb5-pkinit krb5-user ldap-utils libantlr-java libapache-pom-java
> libapache2-mod-auth-gssapi libapache2-mod-nss libapache2-mod-wsgi libapr1
> libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libargs4j-java
> libatinject-jsr330-api-java libatk-wrapper-java libatk-wrapper-java-jni
> libbasicobjects0 libbsh-java libc-ares2 libclassworlds-java
> libcodemodel-java libcollection4 libcommons-cli-java libcommons-codec-java
> libcommons-collections3-java libcommons-dbcp-java
> libcommons-httpclient-java
> libcommons-io-java libcommons-lang-java libcommons-logging-java
> libcommons-net2-java libcommons-parent-java libcommons-pool-java
> libcurl3-nss libdbd-sqlite3-perl libdbi-perl libdhash1 libdom4j-java
> libdoxia-core-java libdtd-parser-java libecj-java libexcalibur-logkit-java
> libfastinfoset-java libgssrpc4 libguava-java libhsm-bin libhttpclient-java
> libhttpcore-java libini-config5 libipa-hbac0 libirs141 libisorelax-java
> libistack-commons-java libjackson-json-java libjackson2-annotations-java
> libjackson2-core-java libjackson2-databind-java
> libjackson2-dataformat-smile
> libjackson2-jaxrs-providers-java libjackson2-module-jaxb-annotations-java
> libjavassist-java libjaxb-api-java libjaxb-java libjaxen-java
> libjaxp1.3-java libjdom1-java libjettison-java libjing-java
> libjoda-convert-java libjoda-time-java libjs-dojo-core libjs-dojo-dijit
> libjs-dojo-dojox libjsch-java libjsoup-java libjsr305-java
> libjsr311-api-java libjss-java libkadm5clnt-mit9 libkadm5srv-mit9
> libkdb5-8
> libkrad0 libldap-java libldns1 liblog4j1.2-java
> libmaven-file-management-java libmaven-shared-io-java libmaven2-core-java
> libmozilla-ldap-perl libmsv-java libnetaddr-ip-perl libnss-sss libnss3-1d
> libnss3-tools libnuxwdog-java libnuxwdog0 liboro-java libpam-pwquality
> libpam-sss libpath-utils1 libperl4-corelibs-perl
> libplexus-ant-factory-java
> libplexus-archiver-java libplexus-bsh-factory-java libplexus-cipher-java
> libplexus-classworlds-java libplexus-container-default-java
> libplexus-containers-java libplexus-interactivity-api-java
> libplexus-interpolation-java libplexus-io-java
> libplexus-sec-dispatcher-java
> libplexus-utils-java libref-array1 librelaxng-datatype-java
> librelaxngcc-java libresteasy-java librngom-java
> libsasl2-modules-gssapi-mit
> libsaxon-java libsaxonhe-java libscannotation-java libservlet2.5-java
> libservlet3.0-java libslf4j-java libsocket-getaddrinfo-perl
> libsocket6-perl
> libsofthsm2 libsss-idmap0 libsss-nss-idmap0 libsss-sudo libstax-ex-java
> libstax-java libstreambuffer-java libsvrcore0 libtomcat7-java
> libtomcat8-java libtomcatjss-java libtxw2-java libverto-libevent1
> libverto1
> libwagon-java libwerken.xpath-java libxalan2-java libxbean-java
> libxerces2-java libxml-commons-external-java
> libxml-commons-resolver1.1-java
> libxmlrpc-core-c3 libxom-java libxpp2-java libxpp3-java libxsom-java
> libyaml-snake-java memcached oddjob oddjob-mkhomedir opendnssec
> opendnssec-common opendnssec-enforcer opendnssec-enforcer-sqlite3
> opendnssec-signer pki-base pki-ca pki-kra pki-server pki-tools python-cffi
> python-cffi-backend python-cryptography python-custodia python-dateutil
> python-decorator python-dnspython python-enum34 python-gssapi python-idna
> python-ipaclient python-ipaddress python-ipalib python-ipaserver
> python-jwcrypto python-kdcproxy python-ldap python-libipa-hbac
> python-libsss-nss-idmap python-memcache python-netaddr python-nss
> python-ply
> python-pyasn1 python-pycparser python-qrcode python-selinux
> python-setuptools python-sss python-systemd python-usb python-yubico
> slapi-nis softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common
> sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy tomcat7-common
> tomcat7-user velocity
> Suggested packages:
> ant-doc ant-gcj default-jdk | java-compiler | java-sdk ant-optional-gcj
> antlr javacc jython libbcel-java libbsf-java libcommons-net-java
> libgnumail-java libjdepend-java libregexp-java apache2-doc
> apache2-suexec-pristine | apache2-suexec-custom bind9-doc libpam-krb5
> junit-doc openbsd-inetd | inet-superserver opensc
> libatinject-jsr330-api-java-doc libclassworlds-java-doc
> libcommons-collections3-java-doc libcommons-dbcp-java-doc
> libgeronimo-jta-1.1-spec-java libcommons-httpclient-java-doc
> libcommons-io-java-doc libcommons-lang-java-doc libavalon-framework-java
> libcommons-logging-java-doc libcommons-net2-java-doc libclone-perl
> libmldbm-perl libnet-daemon-perl libsql-statement-perl libdom4j-java-doc
> libdtd-parser-java-doc ecj libecj-java-gcj krb5-doc
> libjackson-json-java-doc
> libjackson2-annotations-java-doc libjackson2-core-java-doc
> libjackson2-databind-java-doc libjackson2-dataformat-smile-doc
> libjaxp1.3-java-gcj libjdom1-java-doc libjoda-convert-java-doc
> libjoda-time-java-doc libjsoup-java-doc libjsr305-java-doc
> liblog4j1.2-java-doc libmaven-file-management-java-doc
> libmaven-shared-io-java-doc libplexus-cipher-java-doc
> libplexus-classworlds-java-doc libplexus-container-default-java-doc
> libplexus-interactivity-api-java-doc libplexus-interpolation-java-doc
> libplexus-sec-dispatcher-java-doc libplexus-utils-java-doc
> libsaxon-java-doc
> libstax-java-doc tomcat7 tomcat8 libwagon-java-doc libxalan2-java-doc
> libxsltc-java groovy2 libequinox-osgi-java libosgi-compendium-java
> libosgi-core-java libqdox-java libspring-beans-java libspring-context-java
> libspring-core-java libspring-web-java libxerces2-java-doc
> libxerces2-java-gcj libxml-commons-resolver1.1-java-doc libxom-java-doc
> libcache-memcached-perl libmemcached libyaml-perl libterm-readkey-perl
> opendnssec-doc python-dev python-cryptography-doc
> python-cryptography-vectors python-enum34-doc python-ldap-doc ipython
> python-netaddr-docs python-ply-doc doc-base python-setuptools-doc
> sssd-tools
> libsasl2-modules-ldap tomcat7-docs tomcat7-admin tomcat7-examples
> velocity-doc
> The following NEW packages will be installed:
> 389-ds-base 389-ds-base-libs ant ant-optional apache2 apache2-bin
> apache2-data apache2-utils bind9 bind9-dyndb-ldap bind9utils certmonger
> custodia dogtag-pki-server-theme fonts-font-awesome freeipa-admintools
> freeipa-client freeipa-common freeipa-server freeipa-server-dns
> glassfish-activation ieee-data junit krb5-admin-server krb5-config
> krb5-kdc
> krb5-kdc-ldap krb5-pkinit krb5-user ldap-utils libantlr-java
> libapache-pom-java libapache2-mod-auth-gssapi libapache2-mod-nss
> libapache2-mod-wsgi libapr1 libaprutil1 libaprutil1-dbd-sqlite3
> libaprutil1-ldap libargs4j-java libatinject-jsr330-api-java
> libatk-wrapper-java libatk-wrapper-java-jni libbasicobjects0 libbsh-java
> libc-ares2 libclassworlds-java libcodemodel-java libcollection4
> libcommons-cli-java libcommons-codec-java libcommons-collections3-java
> libcommons-dbcp-java libcommons-httpclient-java libcommons-io-java
> libcommons-lang-java libcommons-logging-java libcommons-net2-java
> libcommons-parent-java libcommons-pool-java libcurl3-nss
> libdbd-sqlite3-perl
> libdbi-perl libdhash1 libdom4j-java libdoxia-core-java libdtd-parser-java
> libecj-java libexcalibur-logkit-java libfastinfoset-java libgssrpc4
> libguava-java libhsm-bin libhttpclient-java libhttpcore-java
> libini-config5
> libipa-hbac0 libirs141 libisorelax-java libistack-commons-java
> libjackson-json-java libjackson2-annotations-java libjackson2-core-java
> libjackson2-databind-java libjackson2-dataformat-smile
> libjackson2-jaxrs-providers-java libjackson2-module-jaxb-annotations-java
> libjavassist-java libjaxb-api-java libjaxb-java libjaxen-java
> libjaxp1.3-java libjdom1-java libjettison-java libjing-java
> libjoda-convert-java libjoda-time-java libjs-dojo-core libjs-dojo-dijit
> libjs-dojo-dojox libjsch-java libjsoup-java libjsr305-java
> libjsr311-api-java libjss-java libkadm5clnt-mit9 libkadm5srv-mit9
> libkdb5-8
> libkrad0 libldap-java libldns1 liblog4j1.2-java
> libmaven-file-management-java libmaven-shared-io-java libmaven2-core-java
> libmozilla-ldap-perl libmsv-java libnetaddr-ip-perl libnss-sss libnss3-1d
> libnss3-tools libnuxwdog-java libnuxwdog0 liboro-java libpam-pwquality
> libpam-sss libpath-utils1 libperl4-corelibs-perl
> libplexus-ant-factory-java
> libplexus-archiver-java libplexus-bsh-factory-java libplexus-cipher-java
> libplexus-classworlds-java libplexus-container-default-java
> libplexus-containers-java libplexus-interactivity-api-java
> libplexus-interpolation-java libplexus-io-java
> libplexus-sec-dispatcher-java
> libplexus-utils-java libref-array1 librelaxng-datatype-java
> librelaxngcc-java libresteasy-java librngom-java
> libsasl2-modules-gssapi-mit
> libsaxon-java libsaxonhe-java libscannotation-java libservlet2.5-java
> libservlet3.0-java libslf4j-java libsocket-getaddrinfo-perl
> libsocket6-perl
> libsofthsm2 libsss-idmap0 libsss-nss-idmap0 libsss-sudo libstax-ex-java
> libstax-java libstreambuffer-java libsvrcore0 libtomcat7-java
> libtomcat8-java libtomcatjss-java libtxw2-java libverto-libevent1
> libverto1
> libwagon-java libwerken.xpath-java libxalan2-java libxbean-java
> libxerces2-java libxml-commons-external-java
> libxml-commons-resolver1.1-java
> libxmlrpc-core-c3 libxom-java libxpp2-java libxpp3-java libxsom-java
> libyaml-snake-java memcached oddjob oddjob-mkhomedir opendnssec
> opendnssec-common opendnssec-enforcer opendnssec-enforcer-sqlite3
> opendnssec-signer pki-base pki-ca pki-kra pki-server pki-tools python-cffi
> python-cffi-backend python-cryptography python-custodia python-dateutil
> python-decorator python-dnspython python-enum34 python-gssapi python-idna
> python-ipaclient python-ipaddress python-ipalib python-ipaserver
> python-jwcrypto python-kdcproxy python-ldap python-libipa-hbac
> python-libsss-nss-idmap python-memcache python-netaddr python-nss
> python-ply
> python-pyasn1 python-pycparser python-qrcode python-selinux
> python-setuptools python-sss python-systemd python-usb python-yubico
> slapi-nis softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common
> sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy tomcat7-common
> tomcat7-user velocity
> 0 upgraded, 241 newly installed, 0 to remove and 13 not upgraded.
> Need to get 71.3 MB of archives.
> After this operation, 169 MB of additional disk space will be used.
> Do you want to continue? [Y/n] N
>
> NNNNNNNNNNNNNNNNNNNNNNN!!!!!!!!!!
>
>
> Light? Nope.
>
>
>
>
> On 12/22/2016 10:10 PM, Jim Kinney wrote:
> > Hmm. You could do this in freeipa. It has a phone number field by
> > default. Plus a web gui that's easy. Create users but don't allow them
> > access to a machine.
> >
> > On Dec 22, 2016 7:17 PM, "Alex Carver" <agcarver+ale at acarver.net
> <mailto:agcarver%2Bale at acarver.net>
> > <mailto:agcarver%2Bale at acarver.net
> <mailto:agcarver%252Bale at acarver.net>>> wrote:
> >
> > Need some recommendations for a very low resource LDAP server that is
> > easy to configure/administer.
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org <mailto:Ale at ale.org>
> http://mail.ale.org/mailman/listinfo/ale
> <http://mail.ale.org/mailman/listinfo/ale>
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo <http://mail.ale.org/mailman/listinfo>
>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
More information about the Ale
mailing list