I want my OpenBSD 6.4 services to authenticate users from a remote LDAP server, namely a Synology Directory Server (DSM 6.2.x). It turns out that this is a standard OpenLDAP 2.4.x configured to accept replication in refreshAndPersist mode. So let’s configure a Master / Slave Replication system between Synology and OpenBSD.
I wanted to share user authentication and permissions between the QNAP TS-453mini and my OpenBSD servers. An option is to enable and manage the LDAP server on the QNAP and configure OpenBSD 6.0 to authenticate the users on the remote LDAP service.
Looking to replace my old Postfix/Dovecot configuration with more native OpenBSD stuff, I finally ended up with a configuration that seems suitable to me. I’ll be hosting virtual users and mail aliases in ldapd(8), smtpd(8) will deal with email receiving/sending and dovecot(1) will be in charge of email delivery using LMTP and email reading using IMAP. Of course, spamd(8) will do a bit of work in front of OpenSMTPD. All of those will run on OpenBSD 5.7.
Continue reading “OpenSMTPD, Dovecot and ldapd on OpenBSD 5.7”
Quoting the Package Center description: “Directory Server provides LDAP service with centralized access control (…)”.
Let’s have a (quick) look at what Synology’s LDAP service provides.
Continue reading “Quick overview on Synology Directory Server”
OpenBSD has shipped with an LDAP daemon since 4.8. I have an all-in-one server from which the LDAP service has to be shipped out. I’m going to replace that OpenLDAP daemon with the LDAP daemon from OpenBSD 5.1. I already wrote about how to enable LDAP on OpenBSD 4.8.
Those will be updated notes for OpenBSD 5.1 and additional directions to allow monitoring the LDAP activity using SNMP and Xymon server.