Calculate Linux Documentation » Server Configuration »

17. LDAP Server Structure

Introduction

Entries of a LDAP server consist of one or more attributes and have unique names, or DNs (DN stands for Distinguished Name). The DN can look somewhat like this: "cn=John Glower,ou=Employee,dc=example,dc=com".

The DN consists of one or more relative distinguished names (RDN), separated by commas. The RDN syntax is "AttributeName=value". There cannot be two entries with the same RDN on one directory level. This structure makes it possible to see the directory as a tree, with entries as branches and entry attributes as leaves. The root branch is the entry all other entries depend upon, while it does not depend on any.

General description of LDAP structure on a Calculate server

The root branch "dc = calculate contains the following entries (or "branches"):

cn=ldapadmin

contains the DN and the password for connecting to the LDAP server with full rights.
cn=proxyuser

contains the DN and the password for connecting to the LDAP server with a read permission; there will be no access to some fields, such as userPassword, etc.
ou=Services

contains the branches of the services installed with Calculate 2 utilities.

Thus the branch "ou=Services" contains a set of description branches for the services ou=Unix, ou=Mail, ou=Samba, ou=Ftp and ou=Jabber. Each service branch is a DN, can store the password for connecting to the LDAP server with access to their data and may contain sub-branches: "OU = Users" (for accounts), "OU = groups" (for groups), "OU = computers" (for computers).

Viewing LDAP structure

You can use any LDAP browser to view the structure of your LDAP server.

To connect to the database with full rights you need the LDAP administrator password. It is stored in the /var/lib/calculate/calculate.ldap file on the server. This file is divided in sections, each of which is named after the service it describes. Each section has a DN entry and the password. The Administrator account is located in the [admin] section.

Example: viewing the structure of LDAP with Luma

When you launch Luma, a window is opened, shown below:

To create a connection to the LDAP-based server with full access, do the following steps:
  • choose Settings->Edit Server List or hit Ctrl+E: a window will be opened for managing connections to an LDAP server:

  • press Add and type the connection name in the new window, e.g. proxy@newserver
  • press on the name that has appeared in the list of servers, and you will see the setup branches for the LDAP connection
  • click in the Network options branch and enter the server Hostname in the corresponding setting field
  • go to the Authentification branch and put the Anonymous bind flag off
  • keep Mechanism set to the Simple value
  • set Bind as to DN - "cn=ldapadmin,dc=calculate", and put the contents of the PASS field from /var/lib/calculate/calculate.ldap as Password, then press OK

Select the Browser plugin, and you will see the structure of the LDAP server:

About Project
History
Screenshots
Logos and themes
Video
Reviews
Introduction
Contact Us
Donations

Development
News
Calculate Linux

Products
Calculate Directory Server
Calculate Linux Desktop
Calculate Linux Scratch
Support
Downloads
License

Documentation
Installing Calculate
Working with Calculate
Working with Portage
Calculate Utilities
Server Configuration
Workstation Setup
Calculate Network Configuration
Hardware Setup
Manuals
Guides

Services
Newest Packages
GLSA
Browse Packages
USE Flags
All Licenses

OpenID Server
Pastebin

Community
Blogs
Forums
Wiki
BugTracker

Calculate User Map
LinuxQuestions
Facebook
Google+
Telegram
Twitter
If you find a mistake, please highlight it and press Ctrl+Enter.
Thank you!