Preface: LDAP key concepts and terminology
OpenNebula issues:
Missing step to use LDAP as the default driver:
cp -r /var/lib/one/remotes/auth/ldap /var/lib/one/remotes/auth/default
slapd: Standalone LDAP Daemon
LDAP: Lightweight Directory Access Protocol
Information in the LDAP directory is organized in a tree structure
The specific information is stored in a data structure called an entry
An entry is equivalent to a record in a relational database table
An entry has a distinguished name (DN) and attributes
The DN is used to refer to the entry
DN (distinguished name)
The DN is equivalent to the primary key in a relational database
An attribute consists of a type and one or more values, equivalent to a field in a relational database, which consists of a field name and a data type
To make retrieval convenient, a type in LDAP can have multiple values, unlike a relational database, where the fields must be independent of each other to reduce data redundancy
LDAP entries are generally organized by geographical location and organizational relationship, which is very intuitive
LDAP stores data in a text file, and for efficiency you can use an index-based file database instead of a relational database
LDAP information is stored in a tree-shaped structure
The root of the tree generally defines a country (c=CN) or a domain name (dc=com)
Below it, one or more organizations are often defined (o=Acme)
Below an organization come organizational units (ou)
An organizational unit may contain, for example, all employees .....
LDAP supports control over which attributes an entry may and must contain; this is implemented through a special attribute called the object class (objectClass)
The value of this attribute determines which attributes the entry may contain and which it must contain at least
The inetOrgPerson object class requires the sn (surname) and cn (common name) attributes
The LDAP root typically defines a country or a domain name
o -- organization (organization, company)
ou -- organizational unit (organizational unit, department)
c -- countryName (country)
dc -- domainComponent (domain name)
sn -- surname (real name)
cn -- common name (common name)
LDAP organizes information in a tree structure
The information is stored in entries (you can think of an entry as a table in a relational database)
An entry has a DN (distinguished name) (similar to a record in a relational database)
An attribute has a type and a value
DN (distinguished name): o=organization, c=country
RDN (relative distinguished name)
DN: ou (organizational unit, company department) = manager, o (organization, company) = , c (country) = country
Layered hierarchy structure
Acme
  Manager organizational unit
  Employees organization
The DNs of the management organization and the employee organization of a company in a country
DN: cn (common name) = ruiy, ou (organizational unit) = managers, o (organization) = company name, c (country) = country
Design and define the LDAP directory structure
Import the directory information data
Directory information data for LDAP is typically stored in an LDIF file
LDIF (LDAP Data Interchange Format)
Before adding any organizational unit (ou), DN (distinguished name)
DN (distinguished name, identifies an LDAP entry record): o (organization, company name) = , c (countryName)
objectClass: organization
LDAP uses rsyslog for logging
/etc/openldap/slapd.conf
Add the statement
loglevel 259
/etc/rsyslog.conf
Add the statement
local4.* /var/log/ldap.log
1. LDAP server setup
2. LDAP server and use this year
Error resolution
Cause: the OU defined in the DN has no LDIF entry (an organizational unit is similar to a company name)
Solution: add the OU
List all LDAP DN objects
Add an OU statement
3. net-ldap installation: plug-in for the OpenLDAP auth extension module (LDAP add-on); install this plug-in on your ONE server (ldapbind)
4. Integrated configuration of LDAP authentication for OpenNebula
5. Common OpenLDAP commands
ldapadd -x -D cn=admin,dc=ldap,dc=zzbank,dc=cc -W -f ce.ldif (add users and groups)
ldapsearch -x -LLL -H ldap:/// -b dc=ruige,dc=zzbank,dc=cc (search all objects)
ldapdelete -x -W -D 'cn=admin,dc=ruige,dc=zzbank,dc=cc' "uid=ruiy,ou=people,dc=ruige,dc=zzbank,dc=cc" (delete users and groups)
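The error described under item 2 (a DN that refers to an OU with no LDIF entry) and the inetOrgPerson requirement for sn and cn can both be caught before running ldapadd. The following is an added example, not code from OpenNebula, OpenLDAP or net-ldap: the function names, the REQUIRED table and the sample LDIF are constructed for illustration, the base DN is assumed to exist already, and the order of entries in the file is not checked.

```ruby
REQUIRED = { 'inetorgperson' => %w[sn cn], 'organization' => %w[o] }.freeze # per objectClass

# Constructed sample: ou=people is never defined and the user has no sn.
SAMPLE = <<~LDIF
  dn: dc=ruige,dc=zzbank,dc=cc
  objectClass: organization
  objectClass: dcObject
  o: zzbank
  dc: ruige

  dn: uid=ruiy,ou=people,dc=ruige,dc=zzbank,dc=cc
  objectClass: inetOrgPerson
  cn: ruiy
  uid: ruiy
LDIF

# Lower-case a DN and trim spaces around each RDN (escaped commas not handled).
def normalize(dn)
  dn.split(',').map { |rdn| rdn.strip.downcase }.join(',')
end

# Parse plain LDIF (no base64 "::" values, no folded lines) into [{ dn:, attrs: }, ...].
def parse_ldif(text)
  text.split(/\n\s*\n/).filter_map do |block|
    attrs = Hash.new { |hash, key| hash[key] = [] }
    block.each_line do |line|
      next if line.start_with?('#') || !line.include?(':')
      name, value = line.chomp.split(':', 2)
      attrs[name.strip.downcase] << value.strip
    end
    dn = attrs.delete('dn')&.first
    { dn: normalize(dn), attrs: attrs } if dn
  end
end

# Report entries whose parent DN is missing and attributes an objectClass requires.
def check_ldif(text, base_dn)
  entries = parse_ldif(text)
  known = [normalize(base_dn)] + entries.map { |e| e[:dn] } # known.first is the base DN
  entries.flat_map do |e|
    parent = e[:dn].split(',', 2)[1]
    orphan = e[:dn] != known.first && !known.include?(parent)
    found = orphan ? ["#{e[:dn]}: parent #{parent} is not defined"] : []
    e[:attrs]['objectclass'].each do |oc|
      missing = REQUIRED.fetch(oc.downcase, []) - e[:attrs].keys
      found.concat(missing.map { |a| "#{e[:dn]}: #{oc} requires #{a}" })
    end
    found
  end
end
```

Calling check_ldif(SAMPLE, 'dc=ruige,dc=zzbank,dc=cc') returns one message for the undefined ou=people parent and one for the missing sn; an empty array means the file passed both checks.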
net-ldap: LDAP library for Ruby, used here with OpenLDAP