Monitoring OpenBSD’s LDAP daemon
OpenBSD ships with an LDAP daemon since 4.8. I have an all-in-one server from which the LDAP service has to be shipped out. I’m going to replace that OpenLDAP daemon with the LDAP daemon from OpenBSD 5.1. I already wrote about how to enable LDAP on OpenBSD 4.8.
Those will be updated notes for OpenBSD 5.1 and additional directions to allow monitoring the LDAP activity using SNMP and Xymon server.
Exploring Active Directory with Free Software
In an Active Directory environments, you have (Windows) computers joined to a domain that does a lot a magic to allow you to use services without really thinking of it. You have Network Browsing, Exchange auto discovery…
I’m going to use general I.T. tools to explore the Active Directory and guess what we can connect to with our non-Microsoft system.
Continue reading…
Search Active Directory from the desktop
That day, at work, I had to check if an application has been implemented as it should have been.
The application was supposed to use Active Directory groups to filter users access to some data.
I’m no admin on my desktop ; but I had to find a “standard” way to query the corporate Active Directory.
Here’s the trick.
Backup LDAP entries with ldapsearch
I have a LDAP instance running the OpenBSD’s ldapd. I installed the openldap-client package so that I get ldapsearch, but there doesn’t seem to be any slapcat-like tool ; which may be used to backup the LDAP content in LDIF format.
Here’s a trick to dump the ldapd content using ldapsearch:
# ldapsearch -x -H ldaps://ldap.tumfatig.net -D "cn=admin,dc=tumfatig,dc=net" -W -b "dc=tumfatig,dc=net" -LLL > ldapd-"`date +%Y%m%d`".ldif
This generates a file in LDIF format which can be used by ldapadd to fill another LDAP instance.
W00t!
Back to the sea ; the mail server (SMTP, IMAP, GreyList, RBL…), episode X
Like I did with NetBSD, this is how to build an almost complete Mail Server with OpenBSD.
We’re gonna use a Dovecot IMAP server and a Postfix SMTP server. Postfix will use Dovecot as a SASL service. Both will use LDAP to identify valid users and e-mail aliases. Mail sanitization will be provided by RBL, from Postfix, and by the spamd shipped with OpenBSD.