[ale] Low resource, easy to admin LDAP server
Alex Carver
agcarver+ale at acarver.net
Fri Dec 23 15:29:10 EST 2016
The AAUG mailing list is gone, folded up shop not too long ago.
I don't need it connected to the PBX software, really. The phone does a
direct LDAP query independent of its SIP functions. It just doesn't
know how to do anything else but LDAP to enable the directory feature
otherwise I'd be using that instead.
I know you can put a hard drive on a Pi, I already have one with a hard
drive (my email server). But for this application I don't want a drive,
I just want to use the SD card. I also have a bulk power supply system
in place, everything that needs 5 volts gets its power from one 50 Amp
filtered supply. No more wall warts (I have the same setup for other
voltages, too).
On 2016-12-23 09:26, DJ-Pfulio wrote:
> Thought everyone running SIP had moved to FreePBX or PBX-in-a-box?
> Might ask the LDAP question at the AAUG (or browse their list archives).
>
> Those all-in-one SIP distros have everything. I haven't been to a
> meeting or been following asterisk since before a Raspberry Pi was
> introduced, but people were deploying $200 mini-x86 boxes to handle 50
> people in small offices and they felt it was complete overkill. They
> did "fork lift" upgrades to reduce downtime. Basically, they never
> touched a working system. Did patching+testing on an alternate box and
> swapped it in when things looked good.
>
> I bet there is a PBX-specific solution, probably using LDAP with a nice
> webGUI. It probably accepts a CVS/LDIF/vcard upload for the directory too.
>
> As for r-pi stuff. Folks are using 16G-1TB laptop disks using a powered
> USB hub for both the Pi and the disks. Basically, it makes storage a
> non-factor AND they get a stable power source.
>
> I'll make you a deal on a 2-line Snom. ;)
>
> On 12/23/2016 10:41 AM, Alex Carver wrote:
>> Might be a bit much for a Raspberry Pi. :) The intent is for populating
>> the directory of a few SIP phones at home. The Pi is running Asterisk
>> for all the VoIP functions and TFTPd for provisioning the phones so I
>> just needed a tiny LDAP to have a direct-dial directory otherwise I have
>> to program the phones one at a time manually (there is no remote
>> provisioning for the phone's local directory). Unfortunately the phone
>> only supports LDAP for its directory function.
>>
>> On 2016-12-23 05:21, Jim Kinney wrote:
>>> Hah, hah. I don't think of hard drive space or package count any more. For me,
>>> an application that pulls in 150 dependencies and requires 280 MB when installed
>>> is nothing when it's on a system with 6 4TB drives in a RAID6.
>>>
>>> As I use freeipa at work, it's pretty easy to setup and it includes automatic
>>> replication. Since I don't have to do a zillion configuration steps before it
>>> runs, that's "lightweight" for me.
>>>
>>> Yeah. Freeipa is overkill for just storing names and phone numbers. A flat file
>>> and a grep search is really light and fast enough up to many hundreds of
>>> entries. Slap a tiny perl/python/ruby web front end on it and call it a day.
>>>
>>> On Dec 22, 2016 10:37 PM, "DJ-Pfulio" <DJPfulio at jdpfu.com
>>> <mailto:DJPfulio at jdpfu.com>> wrote:
>>>
>>> And FreeIPA meets those requirements? Truly?
>>> $ sudo apt install freeipa-server
>>> Reading package lists... Done
>>> Building dependency tree
>>> Reading state information... Done
>>>
>>> The following additional packages will be installed:
>>> 389-ds-base 389-ds-base-libs ant ant-optional apache2 apache2-bin
>>> apache2-data apache2-utils bind9 bind9-dyndb-ldap bind9utils certmonger
>>> custodia dogtag-pki-server-theme fonts-font-awesome freeipa-admintools
>>> freeipa-client freeipa-common freeipa-server-dns glassfish-activation
>>> ieee-data junit krb5-admin-server krb5-config krb5-kdc krb5-kdc-ldap
>>> krb5-pkinit krb5-user ldap-utils libantlr-java libapache-pom-java
>>> libapache2-mod-auth-gssapi libapache2-mod-nss libapache2-mod-wsgi libapr1
>>> libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libargs4j-java
>>> libatinject-jsr330-api-java libatk-wrapper-java libatk-wrapper-java-jni
>>> libbasicobjects0 libbsh-java libc-ares2 libclassworlds-java
>>> libcodemodel-java libcollection4 libcommons-cli-java libcommons-codec-java
>>> libcommons-collections3-java libcommons-dbcp-java
>>> libcommons-httpclient-java
>>> libcommons-io-java libcommons-lang-java libcommons-logging-java
>>> libcommons-net2-java libcommons-parent-java libcommons-pool-java
>>> libcurl3-nss libdbd-sqlite3-perl libdbi-perl libdhash1 libdom4j-java
>>> libdoxia-core-java libdtd-parser-java libecj-java libexcalibur-logkit-java
>>> libfastinfoset-java libgssrpc4 libguava-java libhsm-bin libhttpclient-java
>>> libhttpcore-java libini-config5 libipa-hbac0 libirs141 libisorelax-java
>>> libistack-commons-java libjackson-json-java libjackson2-annotations-java
>>> libjackson2-core-java libjackson2-databind-java
>>> libjackson2-dataformat-smile
>>> libjackson2-jaxrs-providers-java libjackson2-module-jaxb-annotations-java
>>> libjavassist-java libjaxb-api-java libjaxb-java libjaxen-java
>>> libjaxp1.3-java libjdom1-java libjettison-java libjing-java
>>> libjoda-convert-java libjoda-time-java libjs-dojo-core libjs-dojo-dijit
>>> libjs-dojo-dojox libjsch-java libjsoup-java libjsr305-java
>>> libjsr311-api-java libjss-java libkadm5clnt-mit9 libkadm5srv-mit9
>>> libkdb5-8
>>> libkrad0 libldap-java libldns1 liblog4j1.2-java
>>> libmaven-file-management-java libmaven-shared-io-java libmaven2-core-java
>>> libmozilla-ldap-perl libmsv-java libnetaddr-ip-perl libnss-sss libnss3-1d
>>> libnss3-tools libnuxwdog-java libnuxwdog0 liboro-java libpam-pwquality
>>> libpam-sss libpath-utils1 libperl4-corelibs-perl
>>> libplexus-ant-factory-java
>>> libplexus-archiver-java libplexus-bsh-factory-java libplexus-cipher-java
>>> libplexus-classworlds-java libplexus-container-default-java
>>> libplexus-containers-java libplexus-interactivity-api-java
>>> libplexus-interpolation-java libplexus-io-java
>>> libplexus-sec-dispatcher-java
>>> libplexus-utils-java libref-array1 librelaxng-datatype-java
>>> librelaxngcc-java libresteasy-java librngom-java
>>> libsasl2-modules-gssapi-mit
>>> libsaxon-java libsaxonhe-java libscannotation-java libservlet2.5-java
>>> libservlet3.0-java libslf4j-java libsocket-getaddrinfo-perl
>>> libsocket6-perl
>>> libsofthsm2 libsss-idmap0 libsss-nss-idmap0 libsss-sudo libstax-ex-java
>>> libstax-java libstreambuffer-java libsvrcore0 libtomcat7-java
>>> libtomcat8-java libtomcatjss-java libtxw2-java libverto-libevent1
>>> libverto1
>>> libwagon-java libwerken.xpath-java libxalan2-java libxbean-java
>>> libxerces2-java libxml-commons-external-java
>>> libxml-commons-resolver1.1-java
>>> libxmlrpc-core-c3 libxom-java libxpp2-java libxpp3-java libxsom-java
>>> libyaml-snake-java memcached oddjob oddjob-mkhomedir opendnssec
>>> opendnssec-common opendnssec-enforcer opendnssec-enforcer-sqlite3
>>> opendnssec-signer pki-base pki-ca pki-kra pki-server pki-tools python-cffi
>>> python-cffi-backend python-cryptography python-custodia python-dateutil
>>> python-decorator python-dnspython python-enum34 python-gssapi python-idna
>>> python-ipaclient python-ipaddress python-ipalib python-ipaserver
>>> python-jwcrypto python-kdcproxy python-ldap python-libipa-hbac
>>> python-libsss-nss-idmap python-memcache python-netaddr python-nss
>>> python-ply
>>> python-pyasn1 python-pycparser python-qrcode python-selinux
>>> python-setuptools python-sss python-systemd python-usb python-yubico
>>> slapi-nis softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common
>>> sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy tomcat7-common
>>> tomcat7-user velocity
>>> Suggested packages:
>>> ant-doc ant-gcj default-jdk | java-compiler | java-sdk ant-optional-gcj
>>> antlr javacc jython libbcel-java libbsf-java libcommons-net-java
>>> libgnumail-java libjdepend-java libregexp-java apache2-doc
>>> apache2-suexec-pristine | apache2-suexec-custom bind9-doc libpam-krb5
>>> junit-doc openbsd-inetd | inet-superserver opensc
>>> libatinject-jsr330-api-java-doc libclassworlds-java-doc
>>> libcommons-collections3-java-doc libcommons-dbcp-java-doc
>>> libgeronimo-jta-1.1-spec-java libcommons-httpclient-java-doc
>>> libcommons-io-java-doc libcommons-lang-java-doc libavalon-framework-java
>>> libcommons-logging-java-doc libcommons-net2-java-doc libclone-perl
>>> libmldbm-perl libnet-daemon-perl libsql-statement-perl libdom4j-java-doc
>>> libdtd-parser-java-doc ecj libecj-java-gcj krb5-doc
>>> libjackson-json-java-doc
>>> libjackson2-annotations-java-doc libjackson2-core-java-doc
>>> libjackson2-databind-java-doc libjackson2-dataformat-smile-doc
>>> libjaxp1.3-java-gcj libjdom1-java-doc libjoda-convert-java-doc
>>> libjoda-time-java-doc libjsoup-java-doc libjsr305-java-doc
>>> liblog4j1.2-java-doc libmaven-file-management-java-doc
>>> libmaven-shared-io-java-doc libplexus-cipher-java-doc
>>> libplexus-classworlds-java-doc libplexus-container-default-java-doc
>>> libplexus-interactivity-api-java-doc libplexus-interpolation-java-doc
>>> libplexus-sec-dispatcher-java-doc libplexus-utils-java-doc
>>> libsaxon-java-doc
>>> libstax-java-doc tomcat7 tomcat8 libwagon-java-doc libxalan2-java-doc
>>> libxsltc-java groovy2 libequinox-osgi-java libosgi-compendium-java
>>> libosgi-core-java libqdox-java libspring-beans-java libspring-context-java
>>> libspring-core-java libspring-web-java libxerces2-java-doc
>>> libxerces2-java-gcj libxml-commons-resolver1.1-java-doc libxom-java-doc
>>> libcache-memcached-perl libmemcached libyaml-perl libterm-readkey-perl
>>> opendnssec-doc python-dev python-cryptography-doc
>>> python-cryptography-vectors python-enum34-doc python-ldap-doc ipython
>>> python-netaddr-docs python-ply-doc doc-base python-setuptools-doc
>>> sssd-tools
>>> libsasl2-modules-ldap tomcat7-docs tomcat7-admin tomcat7-examples
>>> velocity-doc
>>> The following NEW packages will be installed:
>>> 389-ds-base 389-ds-base-libs ant ant-optional apache2 apache2-bin
>>> apache2-data apache2-utils bind9 bind9-dyndb-ldap bind9utils certmonger
>>> custodia dogtag-pki-server-theme fonts-font-awesome freeipa-admintools
>>> freeipa-client freeipa-common freeipa-server freeipa-server-dns
>>> glassfish-activation ieee-data junit krb5-admin-server krb5-config
>>> krb5-kdc
>>> krb5-kdc-ldap krb5-pkinit krb5-user ldap-utils libantlr-java
>>> libapache-pom-java libapache2-mod-auth-gssapi libapache2-mod-nss
>>> libapache2-mod-wsgi libapr1 libaprutil1 libaprutil1-dbd-sqlite3
>>> libaprutil1-ldap libargs4j-java libatinject-jsr330-api-java
>>> libatk-wrapper-java libatk-wrapper-java-jni libbasicobjects0 libbsh-java
>>> libc-ares2 libclassworlds-java libcodemodel-java libcollection4
>>> libcommons-cli-java libcommons-codec-java libcommons-collections3-java
>>> libcommons-dbcp-java libcommons-httpclient-java libcommons-io-java
>>> libcommons-lang-java libcommons-logging-java libcommons-net2-java
>>> libcommons-parent-java libcommons-pool-java libcurl3-nss
>>> libdbd-sqlite3-perl
>>> libdbi-perl libdhash1 libdom4j-java libdoxia-core-java libdtd-parser-java
>>> libecj-java libexcalibur-logkit-java libfastinfoset-java libgssrpc4
>>> libguava-java libhsm-bin libhttpclient-java libhttpcore-java
>>> libini-config5
>>> libipa-hbac0 libirs141 libisorelax-java libistack-commons-java
>>> libjackson-json-java libjackson2-annotations-java libjackson2-core-java
>>> libjackson2-databind-java libjackson2-dataformat-smile
>>> libjackson2-jaxrs-providers-java libjackson2-module-jaxb-annotations-java
>>> libjavassist-java libjaxb-api-java libjaxb-java libjaxen-java
>>> libjaxp1.3-java libjdom1-java libjettison-java libjing-java
>>> libjoda-convert-java libjoda-time-java libjs-dojo-core libjs-dojo-dijit
>>> libjs-dojo-dojox libjsch-java libjsoup-java libjsr305-java
>>> libjsr311-api-java libjss-java libkadm5clnt-mit9 libkadm5srv-mit9
>>> libkdb5-8
>>> libkrad0 libldap-java libldns1 liblog4j1.2-java
>>> libmaven-file-management-java libmaven-shared-io-java libmaven2-core-java
>>> libmozilla-ldap-perl libmsv-java libnetaddr-ip-perl libnss-sss libnss3-1d
>>> libnss3-tools libnuxwdog-java libnuxwdog0 liboro-java libpam-pwquality
>>> libpam-sss libpath-utils1 libperl4-corelibs-perl
>>> libplexus-ant-factory-java
>>> libplexus-archiver-java libplexus-bsh-factory-java libplexus-cipher-java
>>> libplexus-classworlds-java libplexus-container-default-java
>>> libplexus-containers-java libplexus-interactivity-api-java
>>> libplexus-interpolation-java libplexus-io-java
>>> libplexus-sec-dispatcher-java
>>> libplexus-utils-java libref-array1 librelaxng-datatype-java
>>> librelaxngcc-java libresteasy-java librngom-java
>>> libsasl2-modules-gssapi-mit
>>> libsaxon-java libsaxonhe-java libscannotation-java libservlet2.5-java
>>> libservlet3.0-java libslf4j-java libsocket-getaddrinfo-perl
>>> libsocket6-perl
>>> libsofthsm2 libsss-idmap0 libsss-nss-idmap0 libsss-sudo libstax-ex-java
>>> libstax-java libstreambuffer-java libsvrcore0 libtomcat7-java
>>> libtomcat8-java libtomcatjss-java libtxw2-java libverto-libevent1
>>> libverto1
>>> libwagon-java libwerken.xpath-java libxalan2-java libxbean-java
>>> libxerces2-java libxml-commons-external-java
>>> libxml-commons-resolver1.1-java
>>> libxmlrpc-core-c3 libxom-java libxpp2-java libxpp3-java libxsom-java
>>> libyaml-snake-java memcached oddjob oddjob-mkhomedir opendnssec
>>> opendnssec-common opendnssec-enforcer opendnssec-enforcer-sqlite3
>>> opendnssec-signer pki-base pki-ca pki-kra pki-server pki-tools python-cffi
>>> python-cffi-backend python-cryptography python-custodia python-dateutil
>>> python-decorator python-dnspython python-enum34 python-gssapi python-idna
>>> python-ipaclient python-ipaddress python-ipalib python-ipaserver
>>> python-jwcrypto python-kdcproxy python-ldap python-libipa-hbac
>>> python-libsss-nss-idmap python-memcache python-netaddr python-nss
>>> python-ply
>>> python-pyasn1 python-pycparser python-qrcode python-selinux
>>> python-setuptools python-sss python-systemd python-usb python-yubico
>>> slapi-nis softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common
>>> sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy tomcat7-common
>>> tomcat7-user velocity
>>> 0 upgraded, 241 newly installed, 0 to remove and 13 not upgraded.
>>> Need to get 71.3 MB of archives.
>>> After this operation, 169 MB of additional disk space will be used.
>>> Do you want to continue? [Y/n] N
>>>
>>> NNNNNNNNNNNNNNNNNNNNNNN!!!!!!!!!!
>>>
>>>
>>> Light? Nope.
>>>
>>>
>>>
>>>
>>> On 12/22/2016 10:10 PM, Jim Kinney wrote:
>>> > Hmm. You could do this in freeipa. It has a phone number field by
>>> > default. Plus a web gui that's easy. Create users but don't allow them
>>> > access to a machine.
>>> >
>>> > On Dec 22, 2016 7:17 PM, "Alex Carver" <agcarver+ale at acarver.net
>>> <mailto:agcarver%2Bale at acarver.net>
>>> > <mailto:agcarver%2Bale at acarver.net
>>> <mailto:agcarver%252Bale at acarver.net>>> wrote:
>>> >
>>> > Need some recommendations for a very low resource LDAP server that is
>>> > easy to configure/administer.
More information about the Ale
mailing list