[ale] Low resource, easy to admin LDAP server

Jim Kinney jim.kinney at gmail.com
Fri Dec 23 08:21:12 EST 2016 

Hah, hah. I don't think of hard drive space or package count any more. For
me, an application that pulls in 150 dependencies and requires 280 MB when
installed is nothing when it's on a system with 6 4TB drives in a RAID6.

As I use freeipa at work, it's pretty easy to setup and it includes
automatic replication. Since I don't have to do a zillion configuration
steps before it runs, that's "lightweight" for me.

Yeah. Freeipa is overkill for just storing names and phone numbers. A flat
file and a grep search is really light and fast enough up to many hundreds
of entries. Slap a tiny perl/python/ruby web front end on it and call it a
day.

On Dec 22, 2016 10:37 PM, "DJ-Pfulio" <DJPfulio at jdpfu.com> wrote:

> And FreeIPA meets those requirements?  Truly?
> $ sudo apt install freeipa-server
> Reading package lists... Done
> Building dependency tree
> Reading state information... Done
>
> The following additional packages will be installed:
>   389-ds-base 389-ds-base-libs ant ant-optional apache2 apache2-bin
>   apache2-data apache2-utils bind9 bind9-dyndb-ldap bind9utils certmonger
>   custodia dogtag-pki-server-theme fonts-font-awesome freeipa-admintools
>   freeipa-client freeipa-common freeipa-server-dns glassfish-activation
>   ieee-data junit krb5-admin-server krb5-config krb5-kdc krb5-kdc-ldap
>   krb5-pkinit krb5-user ldap-utils libantlr-java libapache-pom-java
>   libapache2-mod-auth-gssapi libapache2-mod-nss libapache2-mod-wsgi libapr1
>   libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libargs4j-java
>   libatinject-jsr330-api-java libatk-wrapper-java libatk-wrapper-java-jni
>   libbasicobjects0 libbsh-java libc-ares2 libclassworlds-java
>   libcodemodel-java libcollection4 libcommons-cli-java
> libcommons-codec-java
>   libcommons-collections3-java libcommons-dbcp-java
> libcommons-httpclient-java
>   libcommons-io-java libcommons-lang-java libcommons-logging-java
>   libcommons-net2-java libcommons-parent-java libcommons-pool-java
>   libcurl3-nss libdbd-sqlite3-perl libdbi-perl libdhash1 libdom4j-java
>   libdoxia-core-java libdtd-parser-java libecj-java
> libexcalibur-logkit-java
>   libfastinfoset-java libgssrpc4 libguava-java libhsm-bin
> libhttpclient-java
>   libhttpcore-java libini-config5 libipa-hbac0 libirs141 libisorelax-java
>   libistack-commons-java libjackson-json-java libjackson2-annotations-java
>   libjackson2-core-java libjackson2-databind-java
> libjackson2-dataformat-smile
>   libjackson2-jaxrs-providers-java libjackson2-module-jaxb-
> annotations-java
>   libjavassist-java libjaxb-api-java libjaxb-java libjaxen-java
>   libjaxp1.3-java libjdom1-java libjettison-java libjing-java
>   libjoda-convert-java libjoda-time-java libjs-dojo-core libjs-dojo-dijit
>   libjs-dojo-dojox libjsch-java libjsoup-java libjsr305-java
>   libjsr311-api-java libjss-java libkadm5clnt-mit9 libkadm5srv-mit9
> libkdb5-8
>   libkrad0 libldap-java libldns1 liblog4j1.2-java
>   libmaven-file-management-java libmaven-shared-io-java libmaven2-core-java
>   libmozilla-ldap-perl libmsv-java libnetaddr-ip-perl libnss-sss libnss3-1d
>   libnss3-tools libnuxwdog-java libnuxwdog0 liboro-java libpam-pwquality
>   libpam-sss libpath-utils1 libperl4-corelibs-perl
> libplexus-ant-factory-java
>   libplexus-archiver-java libplexus-bsh-factory-java libplexus-cipher-java
>   libplexus-classworlds-java libplexus-container-default-java
>   libplexus-containers-java libplexus-interactivity-api-java
>   libplexus-interpolation-java libplexus-io-java
> libplexus-sec-dispatcher-java
>   libplexus-utils-java libref-array1 librelaxng-datatype-java
>   librelaxngcc-java libresteasy-java librngom-java
> libsasl2-modules-gssapi-mit
>   libsaxon-java libsaxonhe-java libscannotation-java libservlet2.5-java
>   libservlet3.0-java libslf4j-java libsocket-getaddrinfo-perl
> libsocket6-perl
>   libsofthsm2 libsss-idmap0 libsss-nss-idmap0 libsss-sudo libstax-ex-java
>   libstax-java libstreambuffer-java libsvrcore0 libtomcat7-java
>   libtomcat8-java libtomcatjss-java libtxw2-java libverto-libevent1
> libverto1
>   libwagon-java libwerken.xpath-java libxalan2-java libxbean-java
>   libxerces2-java libxml-commons-external-java
> libxml-commons-resolver1.1-java
>   libxmlrpc-core-c3 libxom-java libxpp2-java libxpp3-java libxsom-java
>   libyaml-snake-java memcached oddjob oddjob-mkhomedir opendnssec
>   opendnssec-common opendnssec-enforcer opendnssec-enforcer-sqlite3
>   opendnssec-signer pki-base pki-ca pki-kra pki-server pki-tools
> python-cffi
>   python-cffi-backend python-cryptography python-custodia python-dateutil
>   python-decorator python-dnspython python-enum34 python-gssapi python-idna
>   python-ipaclient python-ipaddress python-ipalib python-ipaserver
>   python-jwcrypto python-kdcproxy python-ldap python-libipa-hbac
>   python-libsss-nss-idmap python-memcache python-netaddr python-nss
> python-ply
>   python-pyasn1 python-pycparser python-qrcode python-selinux
>   python-setuptools python-sss python-systemd python-usb python-yubico
>   slapi-nis softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common
> sssd-common
>   sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy tomcat7-common
>   tomcat7-user velocity
> Suggested packages:
>   ant-doc ant-gcj default-jdk | java-compiler | java-sdk ant-optional-gcj
>   antlr javacc jython libbcel-java libbsf-java libcommons-net-java
>   libgnumail-java libjdepend-java libregexp-java apache2-doc
>   apache2-suexec-pristine | apache2-suexec-custom bind9-doc libpam-krb5
>   junit-doc openbsd-inetd | inet-superserver opensc
>   libatinject-jsr330-api-java-doc libclassworlds-java-doc
>   libcommons-collections3-java-doc libcommons-dbcp-java-doc
>   libgeronimo-jta-1.1-spec-java libcommons-httpclient-java-doc
>   libcommons-io-java-doc libcommons-lang-java-doc libavalon-framework-java
>   libcommons-logging-java-doc libcommons-net2-java-doc libclone-perl
>   libmldbm-perl libnet-daemon-perl libsql-statement-perl libdom4j-java-doc
>   libdtd-parser-java-doc ecj libecj-java-gcj krb5-doc
> libjackson-json-java-doc
>   libjackson2-annotations-java-doc libjackson2-core-java-doc
>   libjackson2-databind-java-doc libjackson2-dataformat-smile-doc
>   libjaxp1.3-java-gcj libjdom1-java-doc libjoda-convert-java-doc
>   libjoda-time-java-doc libjsoup-java-doc libjsr305-java-doc
>   liblog4j1.2-java-doc libmaven-file-management-java-doc
>   libmaven-shared-io-java-doc libplexus-cipher-java-doc
>   libplexus-classworlds-java-doc libplexus-container-default-java-doc
>   libplexus-interactivity-api-java-doc libplexus-interpolation-java-doc
>   libplexus-sec-dispatcher-java-doc libplexus-utils-java-doc
> libsaxon-java-doc
>   libstax-java-doc tomcat7 tomcat8 libwagon-java-doc libxalan2-java-doc
>   libxsltc-java groovy2 libequinox-osgi-java libosgi-compendium-java
>   libosgi-core-java libqdox-java libspring-beans-java
> libspring-context-java
>   libspring-core-java libspring-web-java libxerces2-java-doc
>   libxerces2-java-gcj libxml-commons-resolver1.1-java-doc libxom-java-doc
>   libcache-memcached-perl libmemcached libyaml-perl libterm-readkey-perl
>   opendnssec-doc python-dev python-cryptography-doc
>   python-cryptography-vectors python-enum34-doc python-ldap-doc ipython
>   python-netaddr-docs python-ply-doc doc-base python-setuptools-doc
> sssd-tools
>   libsasl2-modules-ldap tomcat7-docs tomcat7-admin tomcat7-examples
>   velocity-doc
> The following NEW packages will be installed:
>   389-ds-base 389-ds-base-libs ant ant-optional apache2 apache2-bin
>   apache2-data apache2-utils bind9 bind9-dyndb-ldap bind9utils certmonger
>   custodia dogtag-pki-server-theme fonts-font-awesome freeipa-admintools
>   freeipa-client freeipa-common freeipa-server freeipa-server-dns
>   glassfish-activation ieee-data junit krb5-admin-server krb5-config
> krb5-kdc
>   krb5-kdc-ldap krb5-pkinit krb5-user ldap-utils libantlr-java
>   libapache-pom-java libapache2-mod-auth-gssapi libapache2-mod-nss
>   libapache2-mod-wsgi libapr1 libaprutil1 libaprutil1-dbd-sqlite3
>   libaprutil1-ldap libargs4j-java libatinject-jsr330-api-java
>   libatk-wrapper-java libatk-wrapper-java-jni libbasicobjects0 libbsh-java
>   libc-ares2 libclassworlds-java libcodemodel-java libcollection4
>   libcommons-cli-java libcommons-codec-java libcommons-collections3-java
>   libcommons-dbcp-java libcommons-httpclient-java libcommons-io-java
>   libcommons-lang-java libcommons-logging-java libcommons-net2-java
>   libcommons-parent-java libcommons-pool-java libcurl3-nss
> libdbd-sqlite3-perl
>   libdbi-perl libdhash1 libdom4j-java libdoxia-core-java libdtd-parser-java
>   libecj-java libexcalibur-logkit-java libfastinfoset-java libgssrpc4
>   libguava-java libhsm-bin libhttpclient-java libhttpcore-java
> libini-config5
>   libipa-hbac0 libirs141 libisorelax-java libistack-commons-java
>   libjackson-json-java libjackson2-annotations-java libjackson2-core-java
>   libjackson2-databind-java libjackson2-dataformat-smile
>   libjackson2-jaxrs-providers-java libjackson2-module-jaxb-
> annotations-java
>   libjavassist-java libjaxb-api-java libjaxb-java libjaxen-java
>   libjaxp1.3-java libjdom1-java libjettison-java libjing-java
>   libjoda-convert-java libjoda-time-java libjs-dojo-core libjs-dojo-dijit
>   libjs-dojo-dojox libjsch-java libjsoup-java libjsr305-java
>   libjsr311-api-java libjss-java libkadm5clnt-mit9 libkadm5srv-mit9
> libkdb5-8
>   libkrad0 libldap-java libldns1 liblog4j1.2-java
>   libmaven-file-management-java libmaven-shared-io-java libmaven2-core-java
>   libmozilla-ldap-perl libmsv-java libnetaddr-ip-perl libnss-sss libnss3-1d
>   libnss3-tools libnuxwdog-java libnuxwdog0 liboro-java libpam-pwquality
>   libpam-sss libpath-utils1 libperl4-corelibs-perl
> libplexus-ant-factory-java
>   libplexus-archiver-java libplexus-bsh-factory-java libplexus-cipher-java
>   libplexus-classworlds-java libplexus-container-default-java
>   libplexus-containers-java libplexus-interactivity-api-java
>   libplexus-interpolation-java libplexus-io-java
> libplexus-sec-dispatcher-java
>   libplexus-utils-java libref-array1 librelaxng-datatype-java
>   librelaxngcc-java libresteasy-java librngom-java
> libsasl2-modules-gssapi-mit
>   libsaxon-java libsaxonhe-java libscannotation-java libservlet2.5-java
>   libservlet3.0-java libslf4j-java libsocket-getaddrinfo-perl
> libsocket6-perl
>   libsofthsm2 libsss-idmap0 libsss-nss-idmap0 libsss-sudo libstax-ex-java
>   libstax-java libstreambuffer-java libsvrcore0 libtomcat7-java
>   libtomcat8-java libtomcatjss-java libtxw2-java libverto-libevent1
> libverto1
>   libwagon-java libwerken.xpath-java libxalan2-java libxbean-java
>   libxerces2-java libxml-commons-external-java
> libxml-commons-resolver1.1-java
>   libxmlrpc-core-c3 libxom-java libxpp2-java libxpp3-java libxsom-java
>   libyaml-snake-java memcached oddjob oddjob-mkhomedir opendnssec
>   opendnssec-common opendnssec-enforcer opendnssec-enforcer-sqlite3
>   opendnssec-signer pki-base pki-ca pki-kra pki-server pki-tools
> python-cffi
>   python-cffi-backend python-cryptography python-custodia python-dateutil
>   python-decorator python-dnspython python-enum34 python-gssapi python-idna
>   python-ipaclient python-ipaddress python-ipalib python-ipaserver
>   python-jwcrypto python-kdcproxy python-ldap python-libipa-hbac
>   python-libsss-nss-idmap python-memcache python-netaddr python-nss
> python-ply
>   python-pyasn1 python-pycparser python-qrcode python-selinux
>   python-setuptools python-sss python-systemd python-usb python-yubico
>   slapi-nis softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common
> sssd-common
>   sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy tomcat7-common
>   tomcat7-user velocity
> 0 upgraded, 241 newly installed, 0 to remove and 13 not upgraded.
> Need to get 71.3 MB of archives.
> After this operation, 169 MB of additional disk space will be used.
> Do you want to continue? [Y/n] N
>
> NNNNNNNNNNNNNNNNNNNNNNN!!!!!!!!!!
>
>
> Light?  Nope.
>
>
>
>
> On 12/22/2016 10:10 PM, Jim Kinney wrote:
> > Hmm. You could do this in freeipa. It has a phone number field by
> > default. Plus a web gui that's easy. Create users but don't allow them
> > access to a machine.
> >
> > On Dec 22, 2016 7:17 PM, "Alex Carver" <agcarver+ale at acarver.net
> > <mailto:agcarver%2Bale at acarver.net>> wrote:
> >
> >     Need some recommendations for a very low resource LDAP server that is
> >     easy to configure/administer.
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20161223/954ff3f7/attachment.html>

More information about the Ale mailing list