LDAP System Administration

Gerald Carter

1 LDAP System Administration review
This book provides a good introduction to implementing OpenLDAP. I found the authors "jumped" tangentially around quite a bit topically, rather than following an idea from start to finish. It was a bit disconcerting following the examples and being interrupted with background material constantly. This may be an editorial problem, as usually backreferences to material are enclosed in callout boxes, while the topical flow continues.

I was surprised at the editing and presentation - it wasn't up to usual O'Reilly standards. I was disappointed with the lack of schema level information - part of what I wanted from the book was an understanding of merging multiple schemas to provide cross -client compatibility of directory service usage - i.e. how can LDAP provide services compatible with Mozilla, Eudora, Outlook etc. with common data storage.

All in all, I learned a lot from this book, but I am still needing more material to complete the project I am working on - I'll have to find better documentation on schema considerations. Worth the price, but in need of better editing and a new edition.

2 LDAP Administration for UNIX
It covers LDAP installation and implementation (using OpenLDAP) for various services on UNIX platform, i.e. NIS, Email, Clients and Mail Transfer Agents (MTA), FTP and Web servers, Samba, FreeRadius, DNS, and Printer Management. A quick introduction on how to implement LDAP server for various services in your organisation.

It has one section on LDAP tool, Nett:LDAP using Perl. It touches on high level LDAP design and replication issues, not much on the design and lacking of LDAPv3 features such as DSML.

3 Great basic implementation ideas, lacking in some areas
The book starts with a section on a brief introduction of LDAP before moving in LDAPv3 overview. OpenLDAP takes two chapters, then a section of chapters on Application Integration. Letting LDAP replace NIS, integrating with email, Unix and LDAP, LDAP interoperability and LDAP and Perl finish the chapters off. There are some appendixes that include some of the common Attributes and Objects also.

If you are using Windows and some LDAP application this book does not contain a lot of information for you specific to the OS, but is a great reference for LDAP overall. Most of the code examples rely on Unix understandings. The review of access and OpenLDAP applies directly to numerous systems in understanding how rights are applied.

Replication and referrals is a great topic that is covered well for the beginner. For someone wanting advanced architecture ideas and designs, this chapter does not go deep enough for you. But I enjoyed it still letting me review and pick up a few items I was unaware of.

LDAP administrators that are just starting out, or even ones that have been doing LDAP for some time and need to secure or expand the directory infrastructure could benefit from this book.

4 Awesome LDAP System Administrators Guide
This book is an awesome reference for someone interested in SYSTEM ADMINISTRATION (hence the title.) If you are a newbie looking for broader, philosophical reasoning or basic directory theory, this is NOT the book for you. If you know why you want a directory and understand the basics, then this book will definitely meet your needs. I was especially pleased with the no-nonsense approach, that got me up and running with a replicated directory, including referrals and references, by page 90. Excellent recommendations with enough detail to get the job done, along with great references to other resources and tools. The only thing that was lacking was the Samba integration chapter, which is 2.2 based, probably due to the book's age. While there are other resources out there, a second edition would still be nice.

5 Excellent book on OpenLDAP
This book is probably the best book I have ever read on OpenLDAP implimentation. The title is somewhat misleading in that it does not go into LDAP in general, including deep history, heavy schema development, etc.

However, it covers the down and dirty of implimenting OpenLDAP in detail. It covers:

-detailed slapd.conf configuration
-pam_ldap
-nss specific and pam specific configuration parameters in ldap.conf
-DNS implimentation with LDAP
-conversion tools

This book is an excellent guide on actually putting LDAP to work, including design, configuration and implimentation.

This book is NOT designed for people looking to impliment other LDAP software (iPlanet, etc). This book does not cover in depth enterprise level roll-out, research, and user feedback.

But if you want a great book that covers configuration and usage of OpenLDAP and Linux..this IS the book for you.

6 "Lightweight" LDAP book
First of all, be advised that this book only covers OpenLDAP. Although this was exactly what I was using, it makes more sense for the book to be retitled so as not to set the wrong expectations. Now, I'll talk about what this book does well.

The book does an adequate job of explaining the whole installation process. It actually does miss the fact that when installing LDAP, you need to set two environment variables if your Berkeley DB location is non-standard. After a little searching, I found this on the web. Along these lines, it was good with explaining what your directory structure would look like after your install (which is helpful, as OpenLDAP blasts things all over the place) and how to start and stop the server. It also mentions various ways to set security levels and hashing techniques to make sure that your password is not stored in cleartext. So why only two stars?

The overall theme of this book is that it is extremely light on information. If you're the kind of person that likes a little handholding, do NOT get this book! On almost every topic, you'll be left saying, "Okay, where's the next example on this topic?", only to be left hanging. Creating custom schemas was covered in TWO pages (pgs 95-97)! There's no mention of integrating LDAP with the various app servers out there today (Java Servlet/Bean containers, PHP, ASP, etc.). None! Again, I had to search the web to find out how to do this. This led me to binding errors that, once again, the book did not address. Again (this will be a recurring theme), I found the answers on the net.

I hate to say it but there is nothing that this book provides that can not be found on the web very easily. It doesn't provide that golden nugget that you couldn't find anywhere else. Within a week, you'll have scrubbed it for all it's worth and will rely 100% on the web for info that the book should provide. Which brings up another point. It's annoying to spend nearly $30 on a book to constantly have the author tell you "For more information on this subject, look at reference..."). On two separate occasions I found myself saying, "Wait a minute! Why should I need another reference book for basic LDAP info? I thought I bought an LDAP book already!"

Trust me guys, this book is not worth buying at any price. I'm looking to sell mine now!

7 Excellent resource for system admins
Excellent book for people without previous LDAP knowledge. In fact I bought 12 of them for my organization. This is a ractical guide for various components of LDAP. It covers most of the areas that LDAP will have impact. I agree with one review that the information is only true for OpenLDAP. It has a different story if you use Sun ONE LDAP or other LDAP servers.

8 Lightweight book on LDAP
Very thin. One of the most basic uses for LDAP is to setup an address/contacts book. The example in the book didn't even work and was thin on getting things like the postal address to work across multiple programs.

I managed to get my project done using web resources, magazine articles. No thanks to this book. After using the OpenLDAP site for help, I got a very weak address book going that held the minimum information. After launching the book into the corner of my office, I managed to get the full project done to 90% of where I want it to be.

He spends so much time pointing you to different RFCs, in essence, making you do all the work. The reference to where information comes from is great. Mention the RFCs but narrow the information down to help me solve problems.

I hope Oreilly can find an experienced author to re-write this book in a way that helps the people who fork over the money. I have tons of really good Oreilly books. This, however, is a poor poor poor book.

9 Great LDAP book!
Great book!

If you use LDAP in a serious way and need to REALLY understand the inner workings, get this book.

It is clearly written, to the point, and very valuable!

10 A great guide for implementing and integrating LDAP
Anyone that has attempted to integrate LDAP with services such as Email, NIS, Samba, Printing, etc. knows how sparce the documentation on the Internet is, if you are lucky enough to find it. This book does a great job of describing how to implement LDAP and make the most of it! The author has a concise and easy to read style that makes for a quick read. If you are using or plan to use OpenLDAP, this book is a must. If you want to integrate the previously mentioned services with LDAP, even if not with OpenLDAP, this book is still very valuable.

11 very helpful
I spent months trying to gather information from the web about integrating services (MTA's, Samba, Radius, etc) with an LDAP server. This book gathers all that information into one well written book. It also covers basics which are surprisingly hard to get straight answers for on the web.

It pretty much exclusively talks about implementations using OpenLDAP. This was fine for me since it's what I'm using, but keep it in mind that not all information will be correct for your LDAP server (ACL's for instance)

I really wish I had this book when I started implementing LDAP. All the other books I bought wasted hundreds of pages talking about theory and developing applications for LDAP. This is the first book I've found that actually talks about USING LDAP.

Some sections feel a little unfinished. It could be a bit more detailed in areas and more discussion of the bumps you'll hit in an actual implemenation.

Even with the books minor problems, this book will pay for itself in the time it saves you from having to scour the web and mailing lists for answers. You'll still occasionally have to resort to the web and man pages to fill in the gaps. Hopefully the second edition will be more detailed.

12 LDAP Without Hype: Get Started Today!
This book is great! It covers using LDAP for user authentication and other configuration information as well as for data like phone directories. If you've not tried LDAP before, the book includes detailed information on installing OpenLDAP and configuring it. I'm already using LDAP, and I was happy to find some of the more obscure topics demystified by the author (for example, replication and SASL interaction). This book is for system administrators, not for programmers, and will turn you into the local LDAP guru in no time.

13 An useful LDAP guide for system administrators
Inside this book, you can fetch a lot of useful tricks and clear references. Perhaps is not a complete guide for LDAP administration, but covers the basics about LDIF, OID, tree structure -organization and replication-, indexes and so.
I found very useful the explanation about LDAP use in system integration: accounting issues for services(nss, pam), mail routing, and AD issues.
Provides useful scripts and explain a lot of "traps" about security integration and configuration: TLS, SASL, etc. I strongly recommend it for newies in LDAP admin.

14 the worst book on ldap with great misleading title
The writer is not putting any attention on "Administration" which is the title of the book! You will only find how to deploy LDAP and basic understanding for LDAP - and that too at primitive level.I don't know how O'reilly can start such a project. You can tell this book as just a compilation of material already out there. DON'T WASTE YOUR MONEY for THIS BOOK. Seriously.
-Kunal