Exploring Active Directory with Free Software

In an Active Directory environment, you have (Windows) computers joined to a domain that does a lot of magic to allow you to use services without really thinking about it. You have Network Browsing, Exchange auto discovery…

I’m going to use general I.T. tools to explore the Active Directory and guess what we can connect to with our non-Microsoft system.

Search Active Directory from the desktop

That day, at work, I had to check if an application had been implemented as it should have been.
The application was supposed to use Active Directory groups to filter users’ access to some data.

I’m no admin on my desktop; but I had to find a “standard” way to query the corporate Active Directory.
Here’s the trick.

Backup LDAP entries with ldapsearch

I have an LDAP instance running OpenBSD’s ldapd. I installed the openldap-client package so that I get ldapsearch, but there doesn’t seem to be any slapcat-like tool that could be used to back up the LDAP content in LDIF format.

Here’s a trick to dump the ldapd content using ldapsearch:

# ldapsearch -x -H ldaps://ldap.tumfatig.net -D "cn=admin,dc=tumfatig,dc=net" -W -b "dc=tumfatig,dc=net" -LLL > ldapd-"`date +%Y%m%d`".ldif

This generates a file in LDIF format which can be used by ldapadd to fill another LDAP instance.

Back to the sea ; the mail server (SMTP, IMAP, GreyList, RBL…), episode X

Like I did with NetBSD, this is how to build an almost complete Mail Server with OpenBSD.

We’re gonna use a Dovecot IMAP server and a Postfix SMTP server. Postfix will use Dovecot as a SASL service. Both will use LDAP to identify valid users and e-mail aliases. Mail sanitization will be provided by RBL, from Postfix, and by the spamd shipped with OpenBSD.

Back to the sea ; the Lightweight Directory (LDAP), episode V

OpenBSD 4.8 ships with a home-made LDAP daemon called ldapd.
According to the man page, “ldapd does not fully work yet”; but as a basic authentication directory, it seems to work just fine.
