         OpenLDAP Workshop培训

OpenLDAP overview
Comparison with web and relational databases
Entry structure
Tree structure
Simple searches
Attributes Syntaxes and Object Classes
RootDSE and subschema subentry
LDAP Operations
LDIF
Command-line tools
GUI tools
Phpldapadmin - Installation and Configuration
Basic configuration and maintenance
Installation from source code and decisions to be made at the build time
Installation from packages
Server structure: front-end, overlays, back-ends
Evolution of disk-based backends
Building test servers
Differences for production servers
Static configuration using slapd.conf
Dynamic configuration via cn=config
Conversion from slapd.conf to cn=config
Monitoring via cn=monitor
Backup and restore procedures
Conversion from hdb to mdb backend
Upgrading between OpenLDAP versions
Authentication and Authorisation using LDAP
Bind methods: simple, SASL, public-key, Kerberos
Security of passwords: ldap:/// ldaps:/// ldapi:///
Representing groups in LDAP
Using LDAP for Authentication and authorisation of other services
Apache - Basic Auth configuration mechanism
Management of system users with OpenLDAP
RFC2307 / RFC2307bis / DBIS
Configuration of NSS and PAM
nss-pam-ldapd vs SSSD
SSL/TLS
Certificate hierachies
Using TLS with OpenLDAP: Server certs, Client certs and SASL EXTERNAL
Access Control
Basic ACLs
Limits
Access Control Policy
Testing ACLs
Distributed directories
Replication, Chaining, and Referral
Master-slave
Mirrormode
Extending the schema
Simple Schema Design
OIDs
Schema definition files
Designing the Directory Information Tree
Working with existing applications and services
Directory synchronisation and transformation tools
LDAP proxies, firewalls and entry mapping