[ale] Low resource, easy to admin LDAP server

DJ-Pfulio DJPfulio at jdpfu.com
Fri Dec 23 12:26:36 EST 2016


Thought everyone running SIP had moved to FreePBX or PBX-in-a-box?
Might ask the LDAP question at the AAUG (or browse their list archives).

Those all-in-one SIP distros have everything. I haven't been to a
meeting or been following asterisk since before a Raspberry Pi was
introduced, but people were deploying $200 mini-x86 boxes to handle 50
people in small offices and they felt it was complete overkill.  They
did "fork lift" upgrades to reduce downtime.  Basically, they never
touched a working system. Did patching+testing on an alternate box and
swapped it in when things looked good.

I bet there is a PBX-specific solution, probably using LDAP with a nice
webGUI. It probably accepts a CVS/LDIF/vcard upload for the directory too.

As for r-pi stuff.  Folks are using 16G-1TB laptop disks using a powered
USB hub for both the Pi and the disks. Basically, it makes storage a
non-factor AND they get a stable power source.

I'll make you a deal on a 2-line Snom. ;)

On 12/23/2016 10:41 AM, Alex Carver wrote:
> Might be a bit much for a Raspberry Pi. :)  The intent is for populating
> the directory of a few SIP phones at home.  The Pi is running Asterisk
> for all the VoIP functions and TFTPd for provisioning the phones so I
> just needed a tiny LDAP to have a direct-dial directory otherwise I have
> to program the phones one at a time manually (there is no remote
> provisioning for the phone's local directory).  Unfortunately the phone
> only supports LDAP for its directory function.
> 
> On 2016-12-23 05:21, Jim Kinney wrote:
>> Hah, hah. I don't think of hard drive space or package count any more. For me, 
>> an application that pulls in 150 dependencies and requires 280 MB when installed 
>> is nothing when it's on a system with 6 4TB drives in a RAID6.
>>
>> As I use freeipa at work, it's pretty easy to setup and it includes automatic 
>> replication. Since I don't have to do a zillion configuration steps before it 
>> runs, that's "lightweight" for me.
>>
>> Yeah. Freeipa is overkill for just storing names and phone numbers. A flat file 
>> and a grep search is really light and fast enough up to many hundreds of 
>> entries. Slap a tiny perl/python/ruby web front end on it and call it a day.
>>
>> On Dec 22, 2016 10:37 PM, "DJ-Pfulio" <DJPfulio at jdpfu.com 
>> <mailto:DJPfulio at jdpfu.com>> wrote:
>>
>>     And FreeIPA meets those requirements?  Truly?
>>     $ sudo apt install freeipa-server
>>     Reading package lists... Done
>>     Building dependency tree
>>     Reading state information... Done
>>
>>     The following additional packages will be installed:
>>        389-ds-base 389-ds-base-libs ant ant-optional apache2 apache2-bin
>>        apache2-data apache2-utils bind9 bind9-dyndb-ldap bind9utils certmonger
>>        custodia dogtag-pki-server-theme fonts-font-awesome freeipa-admintools
>>        freeipa-client freeipa-common freeipa-server-dns glassfish-activation
>>        ieee-data junit krb5-admin-server krb5-config krb5-kdc krb5-kdc-ldap
>>        krb5-pkinit krb5-user ldap-utils libantlr-java libapache-pom-java
>>        libapache2-mod-auth-gssapi libapache2-mod-nss libapache2-mod-wsgi libapr1
>>        libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libargs4j-java
>>        libatinject-jsr330-api-java libatk-wrapper-java libatk-wrapper-java-jni
>>        libbasicobjects0 libbsh-java libc-ares2 libclassworlds-java
>>        libcodemodel-java libcollection4 libcommons-cli-java libcommons-codec-java
>>        libcommons-collections3-java libcommons-dbcp-java
>>     libcommons-httpclient-java
>>        libcommons-io-java libcommons-lang-java libcommons-logging-java
>>        libcommons-net2-java libcommons-parent-java libcommons-pool-java
>>        libcurl3-nss libdbd-sqlite3-perl libdbi-perl libdhash1 libdom4j-java
>>        libdoxia-core-java libdtd-parser-java libecj-java libexcalibur-logkit-java
>>        libfastinfoset-java libgssrpc4 libguava-java libhsm-bin libhttpclient-java
>>        libhttpcore-java libini-config5 libipa-hbac0 libirs141 libisorelax-java
>>        libistack-commons-java libjackson-json-java libjackson2-annotations-java
>>        libjackson2-core-java libjackson2-databind-java
>>     libjackson2-dataformat-smile
>>        libjackson2-jaxrs-providers-java libjackson2-module-jaxb-annotations-java
>>        libjavassist-java libjaxb-api-java libjaxb-java libjaxen-java
>>        libjaxp1.3-java libjdom1-java libjettison-java libjing-java
>>        libjoda-convert-java libjoda-time-java libjs-dojo-core libjs-dojo-dijit
>>        libjs-dojo-dojox libjsch-java libjsoup-java libjsr305-java
>>        libjsr311-api-java libjss-java libkadm5clnt-mit9 libkadm5srv-mit9
>>     libkdb5-8
>>        libkrad0 libldap-java libldns1 liblog4j1.2-java
>>        libmaven-file-management-java libmaven-shared-io-java libmaven2-core-java
>>        libmozilla-ldap-perl libmsv-java libnetaddr-ip-perl libnss-sss libnss3-1d
>>        libnss3-tools libnuxwdog-java libnuxwdog0 liboro-java libpam-pwquality
>>        libpam-sss libpath-utils1 libperl4-corelibs-perl
>>     libplexus-ant-factory-java
>>        libplexus-archiver-java libplexus-bsh-factory-java libplexus-cipher-java
>>        libplexus-classworlds-java libplexus-container-default-java
>>        libplexus-containers-java libplexus-interactivity-api-java
>>        libplexus-interpolation-java libplexus-io-java
>>     libplexus-sec-dispatcher-java
>>        libplexus-utils-java libref-array1 librelaxng-datatype-java
>>        librelaxngcc-java libresteasy-java librngom-java
>>     libsasl2-modules-gssapi-mit
>>        libsaxon-java libsaxonhe-java libscannotation-java libservlet2.5-java
>>        libservlet3.0-java libslf4j-java libsocket-getaddrinfo-perl
>>     libsocket6-perl
>>        libsofthsm2 libsss-idmap0 libsss-nss-idmap0 libsss-sudo libstax-ex-java
>>        libstax-java libstreambuffer-java libsvrcore0 libtomcat7-java
>>        libtomcat8-java libtomcatjss-java libtxw2-java libverto-libevent1
>>     libverto1
>>        libwagon-java libwerken.xpath-java libxalan2-java libxbean-java
>>        libxerces2-java libxml-commons-external-java
>>     libxml-commons-resolver1.1-java
>>        libxmlrpc-core-c3 libxom-java libxpp2-java libxpp3-java libxsom-java
>>        libyaml-snake-java memcached oddjob oddjob-mkhomedir opendnssec
>>        opendnssec-common opendnssec-enforcer opendnssec-enforcer-sqlite3
>>        opendnssec-signer pki-base pki-ca pki-kra pki-server pki-tools python-cffi
>>        python-cffi-backend python-cryptography python-custodia python-dateutil
>>        python-decorator python-dnspython python-enum34 python-gssapi python-idna
>>        python-ipaclient python-ipaddress python-ipalib python-ipaserver
>>        python-jwcrypto python-kdcproxy python-ldap python-libipa-hbac
>>        python-libsss-nss-idmap python-memcache python-netaddr python-nss
>>     python-ply
>>        python-pyasn1 python-pycparser python-qrcode python-selinux
>>        python-setuptools python-sss python-systemd python-usb python-yubico
>>        slapi-nis softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common
>>        sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy tomcat7-common
>>        tomcat7-user velocity
>>     Suggested packages:
>>        ant-doc ant-gcj default-jdk | java-compiler | java-sdk ant-optional-gcj
>>        antlr javacc jython libbcel-java libbsf-java libcommons-net-java
>>        libgnumail-java libjdepend-java libregexp-java apache2-doc
>>        apache2-suexec-pristine | apache2-suexec-custom bind9-doc libpam-krb5
>>        junit-doc openbsd-inetd | inet-superserver opensc
>>        libatinject-jsr330-api-java-doc libclassworlds-java-doc
>>        libcommons-collections3-java-doc libcommons-dbcp-java-doc
>>        libgeronimo-jta-1.1-spec-java libcommons-httpclient-java-doc
>>        libcommons-io-java-doc libcommons-lang-java-doc libavalon-framework-java
>>        libcommons-logging-java-doc libcommons-net2-java-doc libclone-perl
>>        libmldbm-perl libnet-daemon-perl libsql-statement-perl libdom4j-java-doc
>>        libdtd-parser-java-doc ecj libecj-java-gcj krb5-doc
>>     libjackson-json-java-doc
>>        libjackson2-annotations-java-doc libjackson2-core-java-doc
>>        libjackson2-databind-java-doc libjackson2-dataformat-smile-doc
>>        libjaxp1.3-java-gcj libjdom1-java-doc libjoda-convert-java-doc
>>        libjoda-time-java-doc libjsoup-java-doc libjsr305-java-doc
>>        liblog4j1.2-java-doc libmaven-file-management-java-doc
>>        libmaven-shared-io-java-doc libplexus-cipher-java-doc
>>        libplexus-classworlds-java-doc libplexus-container-default-java-doc
>>        libplexus-interactivity-api-java-doc libplexus-interpolation-java-doc
>>        libplexus-sec-dispatcher-java-doc libplexus-utils-java-doc
>>     libsaxon-java-doc
>>        libstax-java-doc tomcat7 tomcat8 libwagon-java-doc libxalan2-java-doc
>>        libxsltc-java groovy2 libequinox-osgi-java libosgi-compendium-java
>>        libosgi-core-java libqdox-java libspring-beans-java libspring-context-java
>>        libspring-core-java libspring-web-java libxerces2-java-doc
>>        libxerces2-java-gcj libxml-commons-resolver1.1-java-doc libxom-java-doc
>>        libcache-memcached-perl libmemcached libyaml-perl libterm-readkey-perl
>>        opendnssec-doc python-dev python-cryptography-doc
>>        python-cryptography-vectors python-enum34-doc python-ldap-doc ipython
>>        python-netaddr-docs python-ply-doc doc-base python-setuptools-doc
>>     sssd-tools
>>        libsasl2-modules-ldap tomcat7-docs tomcat7-admin tomcat7-examples
>>        velocity-doc
>>     The following NEW packages will be installed:
>>        389-ds-base 389-ds-base-libs ant ant-optional apache2 apache2-bin
>>        apache2-data apache2-utils bind9 bind9-dyndb-ldap bind9utils certmonger
>>        custodia dogtag-pki-server-theme fonts-font-awesome freeipa-admintools
>>        freeipa-client freeipa-common freeipa-server freeipa-server-dns
>>        glassfish-activation ieee-data junit krb5-admin-server krb5-config
>>     krb5-kdc
>>        krb5-kdc-ldap krb5-pkinit krb5-user ldap-utils libantlr-java
>>        libapache-pom-java libapache2-mod-auth-gssapi libapache2-mod-nss
>>        libapache2-mod-wsgi libapr1 libaprutil1 libaprutil1-dbd-sqlite3
>>        libaprutil1-ldap libargs4j-java libatinject-jsr330-api-java
>>        libatk-wrapper-java libatk-wrapper-java-jni libbasicobjects0 libbsh-java
>>        libc-ares2 libclassworlds-java libcodemodel-java libcollection4
>>        libcommons-cli-java libcommons-codec-java libcommons-collections3-java
>>        libcommons-dbcp-java libcommons-httpclient-java libcommons-io-java
>>        libcommons-lang-java libcommons-logging-java libcommons-net2-java
>>        libcommons-parent-java libcommons-pool-java libcurl3-nss
>>     libdbd-sqlite3-perl
>>        libdbi-perl libdhash1 libdom4j-java libdoxia-core-java libdtd-parser-java
>>        libecj-java libexcalibur-logkit-java libfastinfoset-java libgssrpc4
>>        libguava-java libhsm-bin libhttpclient-java libhttpcore-java
>>     libini-config5
>>        libipa-hbac0 libirs141 libisorelax-java libistack-commons-java
>>        libjackson-json-java libjackson2-annotations-java libjackson2-core-java
>>        libjackson2-databind-java libjackson2-dataformat-smile
>>        libjackson2-jaxrs-providers-java libjackson2-module-jaxb-annotations-java
>>        libjavassist-java libjaxb-api-java libjaxb-java libjaxen-java
>>        libjaxp1.3-java libjdom1-java libjettison-java libjing-java
>>        libjoda-convert-java libjoda-time-java libjs-dojo-core libjs-dojo-dijit
>>        libjs-dojo-dojox libjsch-java libjsoup-java libjsr305-java
>>        libjsr311-api-java libjss-java libkadm5clnt-mit9 libkadm5srv-mit9
>>     libkdb5-8
>>        libkrad0 libldap-java libldns1 liblog4j1.2-java
>>        libmaven-file-management-java libmaven-shared-io-java libmaven2-core-java
>>        libmozilla-ldap-perl libmsv-java libnetaddr-ip-perl libnss-sss libnss3-1d
>>        libnss3-tools libnuxwdog-java libnuxwdog0 liboro-java libpam-pwquality
>>        libpam-sss libpath-utils1 libperl4-corelibs-perl
>>     libplexus-ant-factory-java
>>        libplexus-archiver-java libplexus-bsh-factory-java libplexus-cipher-java
>>        libplexus-classworlds-java libplexus-container-default-java
>>        libplexus-containers-java libplexus-interactivity-api-java
>>        libplexus-interpolation-java libplexus-io-java
>>     libplexus-sec-dispatcher-java
>>        libplexus-utils-java libref-array1 librelaxng-datatype-java
>>        librelaxngcc-java libresteasy-java librngom-java
>>     libsasl2-modules-gssapi-mit
>>        libsaxon-java libsaxonhe-java libscannotation-java libservlet2.5-java
>>        libservlet3.0-java libslf4j-java libsocket-getaddrinfo-perl
>>     libsocket6-perl
>>        libsofthsm2 libsss-idmap0 libsss-nss-idmap0 libsss-sudo libstax-ex-java
>>        libstax-java libstreambuffer-java libsvrcore0 libtomcat7-java
>>        libtomcat8-java libtomcatjss-java libtxw2-java libverto-libevent1
>>     libverto1
>>        libwagon-java libwerken.xpath-java libxalan2-java libxbean-java
>>        libxerces2-java libxml-commons-external-java
>>     libxml-commons-resolver1.1-java
>>        libxmlrpc-core-c3 libxom-java libxpp2-java libxpp3-java libxsom-java
>>        libyaml-snake-java memcached oddjob oddjob-mkhomedir opendnssec
>>        opendnssec-common opendnssec-enforcer opendnssec-enforcer-sqlite3
>>        opendnssec-signer pki-base pki-ca pki-kra pki-server pki-tools python-cffi
>>        python-cffi-backend python-cryptography python-custodia python-dateutil
>>        python-decorator python-dnspython python-enum34 python-gssapi python-idna
>>        python-ipaclient python-ipaddress python-ipalib python-ipaserver
>>        python-jwcrypto python-kdcproxy python-ldap python-libipa-hbac
>>        python-libsss-nss-idmap python-memcache python-netaddr python-nss
>>     python-ply
>>        python-pyasn1 python-pycparser python-qrcode python-selinux
>>        python-setuptools python-sss python-systemd python-usb python-yubico
>>        slapi-nis softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common
>>        sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy tomcat7-common
>>        tomcat7-user velocity
>>     0 upgraded, 241 newly installed, 0 to remove and 13 not upgraded.
>>     Need to get 71.3 MB of archives.
>>     After this operation, 169 MB of additional disk space will be used.
>>     Do you want to continue? [Y/n] N
>>
>>     NNNNNNNNNNNNNNNNNNNNNNN!!!!!!!!!!
>>
>>
>>     Light?  Nope.
>>
>>
>>
>>
>>     On 12/22/2016 10:10 PM, Jim Kinney wrote:
>>      > Hmm. You could do this in freeipa. It has a phone number field by
>>      > default. Plus a web gui that's easy. Create users but don't allow them
>>      > access to a machine.
>>      >
>>      > On Dec 22, 2016 7:17 PM, "Alex Carver" <agcarver+ale at acarver.net
>>     <mailto:agcarver%2Bale at acarver.net>
>>      > <mailto:agcarver%2Bale at acarver.net
>>     <mailto:agcarver%252Bale at acarver.net>>> wrote:
>>      >
>>      >     Need some recommendations for a very low resource LDAP server that is
>>      >     easy to configure/administer.
>>
>>     _______________________________________________
>>     Ale mailing list
>>     Ale at ale.org <mailto:Ale at ale.org>
>>     http://mail.ale.org/mailman/listinfo/ale
>>     <http://mail.ale.org/mailman/listinfo/ale>
>>     See JOBS, ANNOUNCE and SCHOOLS lists at
>>     http://mail.ale.org/mailman/listinfo <http://mail.ale.org/mailman/listinfo>
>>
>>
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
> 


-- 
Got Linux? Used on smartphones, tablets, desktop computers, media
centers, and servers by kids, Moms, Dads, grandparents and IT
professionals.


More information about the Ale mailing list