openldap #2

  • By dmitriis
  • Latest version (#2)
  • xenial
  • Stable

Description

Slapd is the stand-alone LDAP daemon. It listens for LDAP connections
on any number of ports (default 389), responding to the LDAP operations
it receives over these connections.


openldap

This charm provides a way to deploy OpenLDAP.

OpenLDAP is a free, open source implementation of the Lightweight Directory
Access Protocol (LDAP) developed by the OpenLDAP Project.

OpenLDAP has three main components:

  • slapd – stand-alone LDAP daemon and associated modules and tools
  • libraries implementing the LDAP protocol and ASN.1 Basic Encoding Rules (BER)
  • client software: ldapsearch, ldapadd, ldapdelete, and others

Slapd is the stand-alone LDAP daemon. It listens for LDAP connections on any
number of ports (389 by default), responding to the LDAP operations it receives
over these connections.

From a data storage perspective, slapd provides a hierarchical database: it
does not rely on a relational model and is better suited to storing tree-like
data structures with custom attributes, values and inheritance.

Usage

Step by step instructions on using the charm:

juju deploy openldap

Limitations

For now, only a standalone slapd is deployed, with no ability to configure replication.

Contact Information

Please contact dima{at}canonical.com if you have any questions about this code.

This charm is free and open source and is not officially supported by Canonical.

Additional information

For more information please visit http://www.openldap.org

Configuration

domain
(string) The DNS domain name is used to construct the base DN of the LDAP directory. For example, 'foo.example.org' will create the directory with 'dc=foo, dc=example, dc=org' as base DN.
Default: evil.corp
tls_ca
(string) TLS CA used by slapd so that clients can verify the server's identity. Alternatively, the tls-certificates interface can be used to retrieve this certificate and the key used with it.
package_status
(string) The status of service-affecting packages will be set to this value in the dpkg database. Valid values are "install" and "hold".
Default: install
extra_packages
(string) Space separated list of extra deb packages to install.
organization
(string) The name of the organization used to construct the base DN of the LDAP directory.
Default: evilcorp
password
(string) Admin password used to create a directory. Auto-generated if not provided. Use include-file:// directives in bundles to supply it, so that credentials are not stored in config.yaml.
install_keys
(string) List of signing keys for install_sources package sources, per charmhelpers standard format (a yaml list of strings encoded as a string). The keys should be the full ASCII armoured GPG public keys. While GPG key ids are also supported and looked up on a keyserver, operators should be aware that this mechanism is insecure. null can be used if a standard package signing key is used that will already be installed on the machine, and for PPA sources where the package signing key is securely retrieved from Launchpad.
install_sources
(string) List of extra apt sources, per charm-helpers standard format (a yaml list of strings encoded as a string). Each source may be either a line that can be added directly to sources.list(5), or in the form ppa:<user>/<ppa-name> for adding Personal Package Archives, or a distribution component to enable.
tls_key
(string) TLS key that accompanies the TLS certificate in tls_ca.
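
The password and install_keys guidance above, shown as a bundle fragment with the weak setting commented out beside the preferred one. This is an added example, not part of the charm's own documentation; the charm reference, file path, apt source, organization value and key body are constructed placeholders.

```yaml
# Added example: constructed bundle fragment, not shipped with the charm.
applications:
  openldap:
    charm: openldap            # assumption: name from "juju deploy openldap"
    num_units: 1               # standalone slapd only (see Limitations)
    options:
      domain: foo.example.org  # base DN is built from this domain
      organization: example    # constructed value

      # Weak: admin password stored in the bundle and in version control.
      # password: "<plain-text-password>"
      # Preferred: value is read from a local file when the bundle is deployed.
      password: include-file://./secrets/ldap-admin-password

      # Constructed apt source, only here to give install_keys something to sign.
      install_sources: |
        - "deb http://apt.example.invalid/ubuntu xenial main"

      # Weak: a GPG key id is looked up on a keyserver, which the
      # install_keys description calls insecure.
      # install_keys: |
      #   - "<KEY-ID>"
      # Preferred: the full ASCII-armoured public key, pinned in the bundle.
      install_keys: |
        - |
          -----BEGIN PGP PUBLIC KEY BLOCK-----

          <full ASCII-armoured public key goes here>
          -----END PGP PUBLIC KEY BLOCK-----
```

Keep the file referenced by include-file:// out of version control and readable only by the user who runs the deployment.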