openldap/doc/guide/admin/config.sdf

76 lines
3.0 KiB
Plaintext
Raw Normal View History

1999-10-01 00:57:45 +08:00
# $OpenLDAP$
2000-07-23 02:59:40 +08:00
# Copyright 1999-2000, The OpenLDAP Foundation, All Rights Reserved.
1999-04-24 07:41:45 +08:00
# COPYING RESTRICTIONS APPLY, see COPYRIGHT.
1999-04-24 07:00:44 +08:00
H1: The Big Picture - Configuration Choices
This section gives a brief overview of various LDAP directory
configurations, and how your LDAP server (either {{I:slapd}} or
{{I:ldapd}}) fits in with the rest of the world.
H2: LDAP as a local service only
In this configuration, you run a {{I:slapd}} which provides directory service
for your local domain only. It does not interact with other directory
servers in any way. This configuration is shown in Figure 2.
!import "config_local.gif"; align="center"; title="Local service via slapd configuration"
1999-09-26 01:17:51 +08:00
FT[align="Center"] Figure 2: Local service via slapd configuration.
1999-04-24 07:00:44 +08:00
Use this configuration if you are just starting out (it's the one the
quick-start guide makes for you) or if you want to provide a local
service and are not interested in connecting to the rest of the world.
It's easy to upgrade to another configuration later if you want.
H2: Local service with X.500 referrals
In this configuration, you run a slapd which provides directory service
for your local domain and an ldapd which provides access to the
X.500 world (you don't have to run the ldapd yourself - you can just
point to somebody else who does and doesn't mind you pointing to
their service). This configuration is shown in Figure 3.
!import "config_x500ref.gif"; align="center"; title="Local service via slapd + X.500 referrals configuration"
1999-09-26 01:17:51 +08:00
FT[align="Center"] Figure 3: Local service via slapd + X.500 referrals configuration
1999-04-24 07:00:44 +08:00
Use this configuration if you want to provide local service but still want
to be connected to the rest of the X.500 world. Remember, you don't
necessarily have to be running the ldapd in this picture; you just need
to find one you can point to.
H2: LDAP as a front end to X.500
In this configuration, you run an X.500 service which provides
directory service for your local domain and gatewaying service to the
rest of the X.500 world. LDAP clients gain access to the directory
through an ldapd which runs at your site. This configuration is shown
in Figure 4.
!import "config_x500fe.gif"; align="center"; title="Local service via X.500 and ldapd configuration"
1999-09-26 01:17:51 +08:00
FT[align="Center"] Figure 4: Local service via X.500 and ldapd configuration
1999-04-24 07:00:44 +08:00
Use this configuration if you are already running an X.500 service.
Slapd is not involved in this configuration, so you can probably stop
reading this guide.
H2: Replicated slapd service
The slurpd daemon is used to propagate changes from a master slapd
to one or more slave slapds. An example master-slave configuration
is shown in figure 5.
!import "config_repl.gif"; align="center"; title="Master slapd with two slaves replicated with slurpd"
1999-09-26 01:17:51 +08:00
FT[align="Center"] Figure 5: Master slapd with two slaves replicated with slurpd
1999-04-24 07:00:44 +08:00
This configuration can be used in conjunction with the first two
configurations in situations where a single slapd does not provide the
required reliability or availability.