I-LDAP: Isingeniso

Sanibonani zihlobo !. Siqala uchungechunge olusha lwezihloko esinethemba lokuthi zizosiza. Sithathe isinqumo sokubabhalela labo abathanda ukwazi ukuthi basebenzisana nani, futhi bazenzele okwabo ngaphandle kokuya ngesoftware ephathelene ngokuphelele, noma leyo engahambisani nohafu nengxenye yokuhweba.

Ukufundwa okudingekayo yi Umhlahlandlela Womphathi we-OpenLDAP Software 2.4. Yebo, ngesiNgisi, ngoba sisebenzisa isoftware eyenzelwe futhi yabhalwa ngolimi lweShakespeare. Recommend Sincoma ngokuqinile ukufunda ifayili le- Ubuntu Server Guide 12.04., esiyinikeza ukulanda.

Imibhalo ekhona ngeyesiNgisi. Angikatholi ukuhunyushwa kweSpanishi kokukodwa kwalokhu okubili okunconyiwe ngaphambilini.

Konke okubhalwe kulesi sethulo kuthathwe ku-Wikipedia noma kwahunyushwa ngokukhululekile ngesi-Spanish kusuka kumadokhumende ashiwo ngenhla.

Sizobona:

Incazelo efingqiwe

Kusuka kuWikipedia:

I-LDAP isichazamazwi se-Lightweight Directory Access Protocol (ngeSpanish Lightweight Directory Access Protocol) esibhekisa kumthetho olandelwayo wezinga lokufaka isicelo ovumela ukufinyelela kwinsizakalo yomkhombandlela e-odiwe futhi ehanjisiwe ukucinga imininingwane ehlukahlukene endaweni yenethiwekhi. I-LDAP ibuye ibhekwe njenge-database (yize uhlelo lwayo lokugcina lungahluka) olungabuzwa.

Inkomba iqoqo lezinto ezinezimfanelo ezihlelwe ngendlela enengqondo futhi ngokulandelana. Isibonelo esivame kakhulu yinkomba yocingo, equkethe uchungechunge lwamagama (abantu noma izinhlangano) ahlelwe ngokwe-alfabhethi, negama ngalinye linekheli nenombolo yocingo enamathiselwe kuyo. Ukuqonda kangcono, yincwadi noma ifolda, lapho kubhalwa khona amagama abantu, izinombolo zocingo namakheli, futhi ihlelwe ngokwe-alfabhethi.

Isihlahla somhlahlandlela we-LDAP kwesinye isikhathi sikhombisa imingcele ehlukahlukene yezepolitiki, yezwe, noma yenhlangano, kuya ngemodeli ekhethiwe. Ukuthunyelwa kwamanje kwe-LDAP kuvame ukusebenzisa amagama e-Domain Name System (DNS) ukuhlela amazinga aphezulu wobukhosi. Njengoba uskrolela phansi umkhombandlela, okufakwayo kungavela okumele abantu, amayunithi wenhlangano, amaphrinta, amadokhumenti, amaqembu abantu, noma yini emele okufakiwe okunikezwe esihlahleni (noma okufakiwe okuningi).

Imvamisa, igcina imininingwane yokufakazela ubuqiniso (umsebenzisi nephasiwedi) futhi isetshenziselwa ukugunyaza, noma kungenzeka ukugcina eminye imininingwane (idatha yokuxhumana yomsebenzisi, indawo yezinsizakusebenza ezahlukahlukene zenethiwekhi, izimvume, izitifiketi, njll.). Ngokufingqa, i-LDAP iyindlela yokufinyelela efinyelelwe kusethi yolwazi kunethiwekhi.

Uhlobo lwamanje yi-LDAPv3, futhi luchazwa kuma-RFCs RFC 2251 naku-RFC 2256 (idokhumenti yesisekelo se-LDAP), i-RFC 2829 (indlela yokufakazela ubuqiniso ye-LDAP), i-RFC 2830 (isandiso se-TLS), ne-RFC 3377 (imininingwane yezobuchwepheshe).

Ukuqalisa okuthile kwe-LDAP:

I-Active Directory: igama elisetshenziswa yiMicrosoft (kusukela ngeWindows 2000) njengesitolo semininingwane esimaphakathi kwesinye sezizinda zokuphatha. I-Directory Service iyinqolobane yolwazi ehleliwe ezintweni ezahlukahlukene eziqukethwe ku-Active Directory, kulokhu zingaba amaphrinta, abasebenzisi, amakhompyutha ... Isebenzisa izivumelwano ezahlukahlukene (ikakhulukazi, I-LDAP, i-DNS, i-DHCP, i-Kerberos...).

Ngaphansi kwaleli gama empeleni kune-schema (incazelo yezinkambu ezingabonwa) inguqulo 3 ye-LDAP, evumela ukuhlanganiswa kwamanye amasistimu asekela umthetho olandelwayo. Le LDAP igcina imininingwane mayelana nabasebenzisi, izinsiza zenethiwekhi, izinqubomgomo zokuphepha, ukumiswa, ukunikezwa kwezimvume, njll.

Izinsizakalo Zesiqondisi SikaNovellOkwaziwa nangokuthi i-eDirectory ukuqaliswa kwe-Novell okusetshenziselwa ukuphatha ukufinyelelwa kwezinsizakusebenza kumaseva namakhompyutha ahlukahlukene kunethiwekhi. Ngokuyisisekelo yakhiwe i-database yokulandelana nokuqondiswe entweni, emele iseva ngayinye, ikhompyutha, iphrinta, insizakalo, abantu, njll. Kudalwa phakathi kwezimvume zokulawulwa kokufinyelela, ngefa. Ubuhle balokhu kuqaliswa ukuthi kusebenza kuzingxenyekazi eziningi, ngakho-ke kungashintshwa kalula ezindaweni ezisebenzisa uhlelo olungaphezulu kolulodwa.

Yisandulela ngokwezakhiwo zoHlelo lwemibhalo, njengoba yethulwa ngo-1990 ngohlobo lweNovell Netware 4.0. Yize i-AD yeMicrosoft isikhule ngokuthandwa, namanje ayikwazi ukufana nokuthembeka nekhwalithi ye-eDirectory kanye namandla ayo we-Cross-Platform.

I-OpenLDAP: Ukusetshenziswa kwamahhala kwesivumelwano esisekela izikimu eziningi ukuze sisetshenziselwe ukuxhuma kunoma iyiphi enye i-LDAP. Inelayisense yayo, i-OpenLDAP Public License. Ukuba yiprothokholi ezimele yesikhulumi, ukusatshalaliswa okuningana kwe-GNU / Linux ne-BSD kuyayifaka, njenge-AIX, HP-UX, Mac OS X, Solaris, Windows (2000 / XP) ne-z / OS.

I-OpenLDAP inezinto ezine eziyinhloko:

  • slapd - i-daemon ezimele ye-LDAP.
  • slurpd - I-daemon ephindaphindwayo yokubuyekeza i-LDAP.
  • Izindlela zokusekela umtapo wolwazi we-LDAP
  • Izinsiza, amathuluzi namakhasimende.

Izici Zokhiye ze-LDAP ezisuka kumbono womsebenzisi

Luhlobo luni lwemininingwane esingayigcina kuhla lwemibhalo?. Imodeli yolwazi kusiqondisi se-LDAP isuselwa ku- amathikithi. Okungenayo iqoqo lezimpawu ezinegama elihlukile elihlukile noma i- "Igama elihlukanisiwe (DN)". I-DN isetshenziselwa ukubhekisa kokungenayo ngokuhlukile.

Imfanelo ngayinye yokufaka ine- unomusa futhi eyodwa noma ngaphezulu amanani. Izinhlobo ngokuvamile ziyizintambo ze-mnemonic njenge cn o "Igama Elivamile" lamagama ajwayelekile, noma imeyili ukuthola amakheli e-imeyili. I-syntax yamanani incike ohlotsheni lwemfanelo.

Isibonelo, imfanelo cn ingaqukatha inani le- I-Frodo Bagins. Imfanelo imeyili angaba nesibindi frodobagins@amigos.cu. Imfanelo jpgeIsithombe ingaqukatha isithombe ngefomethi kanambambili I-JPEG.

Ulwazi luhlelwe kanjani?. Ku-LDAP, okufakiwe kwesiqondisi kuhlelwe ngesakhiwo sokulandelana ngesimo somuthi oguquliwe. Ngokwesiko, lesi sakhiwo sikhombisa imingcele yezwe kanye / noma yenhlangano noma imikhawulo.

Okufakwayo okumele amazwe kuvela phezulu esihlahleni. Ngezansi kwabo kuzobe kukhona okufakwayo okumele amazwe nezinhlangano zikazwelonke.

Ngemuva kwalokho kungahle kube nokufakiwe okumelela amayunithi enhlangano, abantu, amaphrinta, amadokhumenti, noma yini enye esikwazi ukuyicabanga.

Lesi sibalo esingezansi yisibonelo sesihlahla somhlahlandlela se-LDAP lapho kusetshenziswa khona amagama endabuko.

Umdwebo 1

I-LDAP ivumela ukulawula ukuthi yiziphi izimfanelo esizidingayo ukungena ngokusebenzisa imfanelo ekhethekile ebizwa ngokuthi objectClass. Inani lemfanelo objectClass inquma i- Imithetho Yesikimu o Imithetho yeSikimu ukuthi okokufaka kufanele kulalele.

Silukhomba kanjani ulwazi?. Sibhekisa kokungenayo ngegama laso eliDumile noma Igama elidumile, eyakhiwe ngegama lokungena uqobo (olubizwa ngegama elihlobene lesihlobo noma Igama Elihlukile Elisihlobo o I-RDN), ehlanganiswe negama lemibhalo yokhokho bayo noma okhokho bayo.

Isibonelo, kusibalo esingenhla kokungenayo i-Frodo Bagins ine- I-RDN cn = Frodo Bagins kanye nalo DN ephelele cn = Frodo Bagins, ou = Izindandatho, o = Abangane, st = Havana, c = cu.

Siluthola kanjani ulwazi?. I-LDAP ichaze ukusebenza okudingekayo ukuphenya ngemibuzo nokuvuselela umkhombandlela. Lokhu kufaka phakathi imisebenzi yokwengeza nokususa okufakiwe, ukuguqula okuvele kukhona, nokuqamba kabusha okufakiwe.

Kodwa-ke, isikhathi esiningi i-LDAP isetshenziselwa ukusesha imininingwane egcinwe enkombeni. Imisebenzi yokusesha ivumela ingxenye ethile yomkhombandlela ukuthi iseshwe okufakiwe okuhlangabezana nemibandela ethile ebalulwe kusihlungi sosesho. Ngaleyo ndlela singasesha okufakiwe ngakunye okuhlangabezane nenqubo yokusesha.

Siluvikela kanjani ulwazi ekufinyeleleni okungagunyaziwe?. Ezinye izinsizakalo zemikhombandlela azivikelekile futhi zivumela noma ngubani ukuthi abuke imininingwane yakho.

I-LDAP inikeza indlela yamakhasimende ukuqinisekisa, noma aqinisekise ubunikazi bawo kwinsizakalo yomqondisi, ukuze kuqinisekiswe ukulawulwa kokufinyelela ukuvikela imininingwane equkethwe yiseva.

I-LDAP futhi isekela izinsizakalo zokuphepha kwedatha, zombili maqondana nobuqotho nokugcinwa kuyimfihlo.

Kufanele siyisebenzise nini i-LDAP?

Lo ngumbuzo omuhle kakhulu. Ngokuvamile, kufanele sisebenzise i-Directory Service lapho sidinga imininingwane ukuze igcinwe futhi iphathwe maphakathi, futhi ifinyeleleke ngezindlela ezisuselwa emazingeni.

Ezinye izibonelo zohlobo lolwazi esiluthola endaweni yebhizinisi neyezimboni:

  • Ukugunyazwa Komshini
  • Ukufakazela ubuqiniso komsebenzisi
  • Abasebenzisi bohlelo namaqembu
  • Incwadi yamakheli
  • Ukumelwa kwenhlangano
  • Ukulandela Izinsizakusebenza
  • Indawo Yokugcina Imininingwane Yocingo
  • Ukuphathwa Kwemithombo Yomsebenzisi
  • Usesho Lwekheli Le-imeyili
  • Isitolo Sokuhlela Isicelo
  • I-PBX Telephone Plant Configurations Warehouse
  • njll…

Kunamafayela amaSki AmaSabi ahlukahlukene -Amafayela AmaSkimu Ahanjisiwe- kusekelwe emazingeni. Kodwa-ke, singahlala sakha ukucaciswa kwe-Schema ... lapho singochwepheshe be-LDAP. 🙂

Kufanele singayisebenzisi nini i-LDAP?

Lapho sibona ukuthi singuye ukusonteka noma ngokuphoqa i-LDAP yethu ukuthi yenze esikudingayo. Uma kunjalo, kungadinga ukwakhiwa kabusha. Noma uma sidinga uhlelo lokusebenza olulodwa ukusebenzisa nokukhohlisa idatha yethu.

Yiziphi izinsiza ne-software esihlela ukuyifaka nokuyilungiselela?

  • Insiza Yezikhombo noma Insiza Yezincwadi kusekelwe I-OpenLDAP
  • Mayelana nathi NTP, DNS y DHCP ozimele
  • Hlanganisa Samba ku-LDAP
  • Mhlawumbe sizothuthukisa ukuhlanganiswa kwe- I-LDAP y I-Kerberos
  • Phatha uhla lwemibhalo ngohlelo lokusebenza lwewebhu Umphathi we-Akhawunti ye-Ldap.

Futhi lokhu okwanamuhla, bangani!

Imithombo exoxiwe:

  • https://wiki.debian.org/LDAP
  • Umhlahlandlela Womphathi we-OpenLDAP Software 2.4
  • Ubuntu 12.04 server guide

Amazwana ayi-15, shiya okwakho

Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   oscar kusho

    Ngicabanga ukuthi iFreeIPA iphrojekthi ebanzi (i-LDAP, iKerberos, i-DNS, njll) ethokozisayo ukuyifunda, ngokususelwa kuseva ye-LDAP 389.

  2.   Isigaxa seGuido kusho

    Ukuqala ngokuthandwa kwama-Pfs akusebenzi. Nginentshisekelo yokuzifundisa nge-ldap. Siyabonga ngokwabelana.

    1.    izinga kusho

      Izixhumanisi zilungisiwe.

  3.   eliotime3000 kusho

    Kuyathakazelisa.

  4.   masisebenzise i-linux kusho

    Ubuye ngocingo, kanye futhi!
    Umnikelo omkhulu.
    Hug! UPaul.

  5.   frederico kusho

    Ngiyabonga nonke ngokuphawula !!! Angikwazanga ukuxhumana ngaphambili nemodemu yami ku-28000 baud / ngomzuzwana. Ijubane elinjani. 🙂
    Ukubingelela kubo bonke

  6.   frederico kusho

    Ngiyabonga kakhulu nonke ngokuphawula !!!. I-Ozkar, iFreeIPA ingaphezulu kakhulu kwe-LDAP. Ihlanganisa iRed Hat Active Directory 389 nochungechunge lonke lwezinsizakalo ezihlobene. Kuyisilwane sephrojekthi seFedora. Kukhulu kakhulu ngolwazi lwami olunesizotha.

  7.   TheSandman86 kusho

    I-athikili enhle kakhulu, ingifanela njengeglavu ngoba bengizilungiselela ukuzifaka kulezi zingqinamba, ngibheke phambili izindatshana ezintsha.

  8.   Euphoria kusho

    Ngiyabonga kakhulu ngokwabelana, ngalokho kanye ne-ClearOS enginayo isikhashana 🙂

  9.   i-vidagnu kusho

    Isifundo esihle kakhulu, ngiphinde ngalanda incwadi ye-Ubunto, ngiyabonga!

    1.    i-vidagnu kusho

      Ubuntu jejjeej ngisalele ...

  10.   inyanga kusho

    Yize ngingawuhloniphi umsebenzi wakho, ngiwufunde ngaphezulu futhi uma bengikuqonda kahle konke kabi noma kahle, kungaqondakala kuleli hlaya:
    "Kodwa uma ngiba yi-capo capo ye-open-ldap ngakha isiphequluli sami sewebhu ne-google shakes!"

    1.    inyanga kusho

      Siyabonga ngomzamo futhi kubuhlungu ukuthi ayikho into ngeSpanishi. mmm ...

  11.   edgar kusho

    Manje ngiqhubekela phambili kancane ngilokhu ngifunda okuthunyelwe ekhasini https://blog.desdelinux.net/ldap-introduccion/ Ngingathanda ukuthi ucacise kancane ukuthi kubhekiselwa Kokuqinisekiswa Komshini, leli phuzu alicaci kimi futhi nginomdlandla omkhulu ngale OpenLdap esengichithe amahora amaningi ngifunda le bhulogi kepha ngifuna ukwazi ukuqonda izihloko nemibono ngaleso sizathu ukungenelela emisebenzini yakho kusengaphambili ngiyabonga kakhulu Mnu Fico siyaqhubeka ngemikhonzo yokuxhumana