LDAP configuration backend

Presentation

You can choose to store LemonLDAP::NG configuration in an LDAP directory.

Advantages:

The configuration will be stored under a specific branch, for example ou=conf,ou=applications,dc=example,dc=com.

Each configuration will be represented as an entry whose structural objectClass is applicationProcess. This objectClass is included in all core schemas.

The configuration names are the same as for files: lmConf-1, lmConf-2, etc. This name is used in the entry DN, for example cn=lmConf-1,ou=conf,ou=applications,dc=example,dc=com.

Each parameter is then stored as one value of the description attribute, prefixed by its key in braces. For example {ldapPort}389.

The LDIF view of such an entry could be:

dn: cn=lmConf-1,ou=conf,ou=applications,dc=example,dc=com
objectClass: top
objectClass: applicationProcess
cn: lmConf-1
description: {globalStorage}'Apache::Session::File'
description: {cookieName}'lemonldap'
description: {whatToTrace}'$uid'
...
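As an added example (not part of the LemonLDAP::NG documentation or code), this Python parser turns an LDIF export of one configuration entry into key/value pairs and reports values that lack a {key} prefix or repeat a key, which is useful when reviewing what is stored in the configuration branch. The sample entry, its ldapBase value and the function names are constructed for illustration; stripping the surrounding single quotes follows the sample above and is an assumption about how values are encoded.

```python
import base64
import re

# Constructed sample entry, with one base64 value and one folded line.
SAMPLE_LDIF = """\
dn: cn=lmConf-1,ou=conf,ou=applications,dc=example,dc=com
objectClass: applicationProcess
cn: lmConf-1
description: {globalStorage}'Apache::Session::File'
description: {cookieName}'lemonldap'
description:: e3doYXRUb1RyYWNlfSckdWlkJw==
description: {ldapBase}'dc=example,
 dc=com'
"""

KEY_VALUE = re.compile(r"^\{([^{}]+)\}(.*)$", re.DOTALL)

def unfold(ldif_text):
    """Join LDIF continuation lines (a line starting with one space)."""
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def parse_conf_entry(ldif_text):
    """Return (config dict, list of problems) for one configuration entry."""
    conf, problems = {}, []
    for line in unfold(ldif_text):
        attr, sep, rest = line.partition(":")
        if not sep or attr.lower() != "description":
            continue
        if rest.startswith(":"):  # "description:: <base64>"
            value = base64.b64decode(rest[1:].strip()).decode("utf-8")
        else:
            value = rest.strip()
        match = KEY_VALUE.match(value)
        if not match:
            problems.append(f"value without {{key}} prefix: {value!r}")
            continue
        key, val = match.groups()
        if key in conf:
            problems.append(f"duplicate key: {key}")
        if len(val) >= 2 and val[0] == val[-1] == "'":  # quotes as in the sample
            val = val[1:-1]
        conf[key] = val
    return conf, problems
```

Calling parse_conf_entry(SAMPLE_LDIF) returns the four parameters with an empty problem list; a later duplicate key overwrites the earlier value and is reported.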

Configuration

LDAP server

Configuration objects use a standard object class: applicationProcess. This objectClass allows the attributes cn and description. If your LDAP server does not support this objectClass, you have to extend your schema.

We advise creating a dedicated LDAP account with write access to the configuration branch.

Next, create the configuration branch wherever you want. Note its DN, as it is needed for the LemonLDAP::NG configuration.

LemonLDAP::NG

Configure the LDAP configuration backend in the [configuration] section of lemonldap-ng.ini:

type = LDAP
ldapServer = ldap://localhost
ldapConfBase = ou=conf,ou=applications,dc=example,dc=com
ldapBindDN = cn=manager,dc=example,dc=com
ldapBindPassword = secret

Parameters: