2. Extended LDAP
2.1. Objective
The DIT, short for "Directory Information Tree", is the tree-like hierarchy in which entries
are organized within the LDAP database (Burgess, 2004). Numerous DITs can be administered via
OpenLDAP. Generally, the attributes that characterize the root of a Directory Information
Tree are organization (o) and domain component (dc).
The Directory Information Tree (DIT) and the default schema are the two features that come
with LDAP name services by default. User accounts, passwords, and shadow account
information are stored in a container called ou=people. The ou=host container holds
information about the network's systems. Each entry in the ou=people container would be of
the object classes posixAccount and shadowAccount. The default DIT, which adheres
to open standards, uses a well-organized directory structure.
1. The second domain must be created with the "dc=" format once the first DIT or domain has
been introduced to the system. - have accomplished it by editing the
3. The user account information has to be updated to use the same "dc=" format as the second
DIT. This may be done by making the following changes to the "etc/openldap/userdata.ldif"
file:
8. The following queries may also be attempted: Enter the first one completely, and then press
[Up-Arrow] to retrieve and alter it.
Figure: description of user
The user's description on nets A, B, and C is depicted in the image above.
Figure: description of user on the net-A
The screenshot above shows the details about the user on net A.
The first DIT is searched in LDAP. The results of this search are displayed in the figure above.
As can be seen, if you don't give any criteria, the LDAP client will assume that you want to
search across all object classes in your directory tree. Make sure to execute your LDAP search
privately, because if you use the administrator account you could see users' encrypted passwords.
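To check what a given bind identity can actually read, the LDIF printed by an LDAP search can be scanned for userPassword values and redacted before it goes into a report. This is an added example, not part of the original report; the function names, the dc=example,dc=com suffix and the sample entries are constructed for illustration.

```python
import base64
import re

SENSITIVE = {"userpassword"}  # attribute names, compared case-insensitively

def unfold(ldif):
    """Join LDIF continuation lines (newline followed by one space)."""
    return re.sub(r"\r?\n ", "", ldif)

def audit(ldif):
    """Return (dn, attribute, scheme) for each password value in the output."""
    findings, dn = [], None
    for line in unfold(ldif).splitlines():
        name, sep, value = line.partition(":")
        if not sep or line.startswith("#"):
            continue
        is_b64 = value.startswith(":")  # "attr:: <base64>" form
        value = value.lstrip(":").strip()
        if is_b64:
            value = base64.b64decode(value).decode("utf-8", "replace")
        if name.lower() == "dn":
            dn = value
        elif name.split(";")[0].lower() in SENSITIVE:
            scheme = re.match(r"\{([^}]+)\}", value)
            findings.append((dn, name, scheme.group(1).upper() if scheme else "CLEARTEXT"))
    return findings

def redact(ldif):
    """Copy of the output with password values removed, safe for a report."""
    out = []
    for line in unfold(ldif).splitlines():
        name = line.partition(":")[0]
        if name.split(";")[0].lower() in SENSITIVE:
            line = f"{name}: [REDACTED]"
        out.append(line)
    return "\n".join(out)

# Constructed sample of LDAP search output; DNs and password values are made up.
_HASH = base64.b64encode(b"{SSHA}constructed-not-a-real-hash").decode()
SAMPLE = (
    "dn: uid=alice,ou=people,dc=example,dc=com\n"
    "objectClass: posixAccount\n"
    "objectClass: shadowAccount\n"
    f"userPassword:: {_HASH[:20]}\n {_HASH[20:]}\n"   # folded base64 value
    "\n"
    "dn: uid=bob,ou=people,dc=example,dc=com\n"
    "userPassword: cleartext-constructed\n"
)
```

Running audit() over the output of the same search under a non-administrator bind and under the administrator bind shows which identities are able to read the attribute.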
Configuring Dovecot
9. Next, the Dovecot service is configured to use the LDAP functionality. This is
accomplished by modifying the /etc/dovecot/dovecot.conf file and
uncommenting the following portion of code:
11. The LDAP address should be replaced with the localhost address in
/etc/dovecot/dovecot-ldap.conf.
Obstacles
No obstacles were faced while performing Extended LDAP.
References
Burgess, M. (2004). Principles of Network and System Administration (2nd ed.). Wiley.