1999-10-01 00:57:45 +08:00
|
|
|
# $OpenLDAP$
|
1999-04-24 07:41:45 +08:00
|
|
|
# Copyright 1999, The OpenLDAP Foundation, All Rights Reserved.
|
|
|
|
# COPYING RESTRICTIONS APPLY, see COPYRIGHT.
|
1999-04-24 07:00:44 +08:00
|
|
|
H1: The Big Picture - Configuration Choices
|
|
|
|
|
|
|
|
This section gives a brief overview of various LDAP directory
|
|
|
|
configurations, and how your LDAP server (either {{I:slapd}} or
|
|
|
|
{{I:ldapd}}) fits in with the rest of the world.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
H2: LDAP as a local service only
|
|
|
|
|
|
|
|
In this configuration, you run a {{I:slapd}} which provides directory service
|
|
|
|
for your local domain only. It does not interact with other directory
|
|
|
|
servers in any way. This configuration is shown in Figure 2.
|
|
|
|
|
1999-05-02 06:11:02 +08:00
|
|
|
!import "config_local.gif"; align="center"; title="Local service via slapd configuration"
|
1999-09-26 01:17:51 +08:00
|
|
|
FT[align="Center"] Figure 2: Local service via slapd configuration.
|
1999-04-24 07:00:44 +08:00
|
|
|
|
|
|
|
Use this configuration if you are just starting out (it's the one the
|
|
|
|
quick-start guide makes for you) or if you want to provide a local
|
|
|
|
service and are not interested in connecting to the rest of the world.
|
|
|
|
It's easy to upgrade to another configuration later if you want.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
H2: Local service with X.500 referrals
|
|
|
|
|
|
|
|
In this configuration, you run a slapd which provides directory service
|
|
|
|
for your local domain and an ldapd which provides access to the
|
|
|
|
X.500 world (you don't have to run the ldapd yourself - you can just
|
|
|
|
point to somebody else who does and doesn't mind you pointing to
|
|
|
|
their service). This configuration is shown in Figure 3.
|
|
|
|
|
1999-05-02 06:11:02 +08:00
|
|
|
!import "config_x500ref.gif"; align="center"; title="Local service via slapd + X.500 referrals configuration"
|
1999-09-26 01:17:51 +08:00
|
|
|
FT[align="Center"] Figure 3: Local service via slapd + X.500 referrals configuration
|
1999-04-24 07:00:44 +08:00
|
|
|
|
|
|
|
Use this configuration if you want to provide local service but still want
|
|
|
|
to be connected to the rest of the X.500 world. Remember, you don't
|
|
|
|
necessarily have to be running the ldapd in this picture; you just need
|
|
|
|
to find one you can point to.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
H2: LDAP as a front end to X.500
|
|
|
|
|
|
|
|
In this configuration, you run an X.500 service which provides
|
|
|
|
directory service for your local domain and gatewaying service to the
|
|
|
|
rest of the X.500 world. LDAP clients gain access to the directory
|
|
|
|
through an ldapd which runs at your site. This configuration is shown
|
|
|
|
in Figure 4.
|
|
|
|
|
1999-05-02 06:11:02 +08:00
|
|
|
!import "config_x500fe.gif"; align="center"; title="Local service via X.500 and ldapd configuration"
|
1999-09-26 01:17:51 +08:00
|
|
|
FT[align="Center"] Figure 4: Local service via X.500 and ldapd configuration
|
1999-04-24 07:00:44 +08:00
|
|
|
|
|
|
|
Use this configuration if you are already running an X.500 service.
|
|
|
|
Slapd is not involved in this configuration, so you can probably stop
|
|
|
|
reading this guide.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
H2: Replicated slapd service
|
|
|
|
|
|
|
|
The slurpd daemon is used to propagate changes from a master slapd
|
|
|
|
to one or more slave slapds. An example master-slave configuration
|
|
|
|
is shown in figure 5.
|
|
|
|
|
1999-05-02 06:11:02 +08:00
|
|
|
!import "config_repl.gif"; align="center"; title="Master slapd with two slaves replicated with slurpd"
|
1999-09-26 01:17:51 +08:00
|
|
|
FT[align="Center"] Figure 5: Master slapd with two slaves replicated with slurpd
|
1999-04-24 07:00:44 +08:00
|
|
|
|
|
|
|
This configuration can be used in conjunction with the first two
|
|
|
|
configurations in situations where a single slapd does not provide the
|
|
|
|
required reliability or availability.
|
|
|
|
|