home       inleiding       sysadmin       services       links       bash       werk       nothing      

Fusiondirectory LDAP web interface

 
Just like phpldapadmin, fusion directory is a PHP program enabling you to configure and populate your LDAP machine. (phpldapadmin will probably be able to coexist with fusiondirectory -- as long as you put them in a different virtual-host on apache2 -- it is not a good practice to use both to populate your LDAP -- but it might be interesting to have when things go horribly wrong and your backup server says "CHEESE -- what did you ask me to do?"
 

1. repositories
    
   we add repositories:
    
   # echo "deb http://repos.fusiondirectory.org/debian-wheezy wheezy main" >> /etc/apt/sources.list.d/fusiondirectory.list
# echo "deb http://repos.fusiondirectory.org/debian-extra wheezy main" >> /etc/apt/sources.list.d/fusiondirectory.list
     
   we do an apt-get update with errors ...
    
   # apt-get update
    
   next we add the gpg-key:
    
   # apt-get install fusiondirectory-archive-keyring

   Reading package lists... Done
   Building dependency tree       
   Reading state information... Done
   The following NEW packages will be installed:
   fusiondirectory-archive-keyring
   0 upgraded, 1 newly installed, 0 to remove and 5 not upgraded.
   Need to get 2808 B of archives.
   After this operation, 38.9 kB of additional disk space will be used.
   WARNING: The following packages cannot be authenticated!
   fusiondirectory-archive-keyring
   Install these packages without verification [y/N]? y
   Get:1 http://repos.fusiondirectory.org/debian-extra/ stable/main fusiondirectory-archive-keyring all 1.0 [2808 B]
   Fetched 2808 B in 0s (43.8 kB/s)                           
   Selecting previously unselected package fusiondirectory-archive-keyring.
   (Reading database ... 82724 files and directories currently installed.)
   Unpacking fusiondirectory-archive-keyring (from .../fusiondirectory-archive-keyring_1.0_all.deb) ...
   Setting up fusiondirectory-archive-keyring (1.0) ...

    
   next we update apt-get:
    
   # apt-get update
    
   To see whether the sources have been updated we can do an apt-cache search:
    
   # apt-cache search fusiondir

   fusiondirectory - Web Based LDAP Administration Program
   fusiondirectory-plugin-alias - alias plugin for FusionDirectory
   fusiondirectory-plugin-alias-schema - LDAP schema for FusionDirectory alias plugin
   fusiondirectory-plugin-applications - Applications management plugin for FusionDirectory
   fusiondirectory-plugin-applications-schema - LDAP schema for FusionDirectory application management plugin
   fusiondirectory-plugin-argonaut - Argonaut plugin for FusionDirectory
   fusiondirectory-plugin-argonaut-schema - LDAP schema for FusionDirectory Argonaut plugin
   fusiondirectory-plugin-audit - audit plugin for FusionDirectory
   fusiondirectory-plugin-audit-schema - LDAP schema for FusionDirectory audit plugin
   fusiondirectory-plugin-autofs - autofs plugin for FusionDirectory
   . . .

    

2. install
    
   We install the software and a basic schema ...
    
   # apt-get install fusiondirectory-schema schema2ldif

   Reading package lists... Done
   Building dependency tree       
   Reading state information... Done
   The following packages were automatically installed and are no longer required:
   linux-headers-3.19.0-25 linux-headers-3.19.0-25-generic
   linux-image-3.19.0-25-generic linux-image-extra-3.19.0-25-generic
   Use 'apt-get autoremove' to remove them.
   The following NEW packages will be installed:
   fusiondirectory-schema schema2ldif
   0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
   Need to get 88.0 kB of archives.
   After this operation, 284 kB of additional disk space will be used.
   Get:1 http://repos.fusiondirectory.org/debian-extra/ wheezy/main schema2ldif all 1.0-1 [7,100 B]
   Get:2 http://repos.fusiondirectory.org/debian-wheezy/ wheezy/main fusiondirectory-schema all 1.0.15-1 [80.9 kB]
   Fetched 88.0 kB in 0s (434 kB/s)            
   Selecting previously unselected package schema2ldif.
   (Reading database ... 119056 files and directories currently installed.)
   Preparing to unpack .../schema2ldif_1.0-1_all.deb ...
   Unpacking schema2ldif (1.0-1) ...
   Selecting previously unselected package fusiondirectory-schema.
   Preparing to unpack .../fusiondirectory-schema_1.0.15-1_all.deb ...
   Unpacking fusiondirectory-schema (1.0.15-1) ...
   Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
   Setting up schema2ldif (1.0-1) ...
   Setting up fusiondirectory-schema (1.0.15-1) ...

    
   now we install the schema ...
    
   # fusiondirectory-insert-schema

   SASL/EXTERNAL authentication started
   SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
   SASL SSF: 0
   executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/core-fd.ldif'
   SASL/EXTERNAL authentication started
   SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
   SASL SSF: 0
   adding new entry "cn=core-fd,cn=schema,cn=config"
    
   SASL/EXTERNAL authentication started
   SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
   SASL SSF: 0
   executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/core-fd-conf.ldif'
   SASL/EXTERNAL authentication started
   SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
   SASL SSF: 0
   adding new entry "cn=core-fd-conf,cn=schema,cn=config"
    
   SASL/EXTERNAL authentication started
   SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
   SASL SSF: 0
   executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/ldapns.ldif'
   SASL/EXTERNAL authentication started
   SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
   SASL SSF: 0
   adding new entry "cn=ldapns,cn=schema,cn=config"
    
   SASL/EXTERNAL authentication started
   SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
   SASL SSF: 0
   executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/template-fd.ldif'
   SASL/EXTERNAL authentication started
   SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
   SASL SSF: 0
   adding new entry "cn=template-fd,cn=schema,cn=config"

    
   ... and now we check our work ...
    
   # fusiondirectory-insert-schema -l

   core
   cosine
   nis
   inetorgperson
   core-fd
   core-fd-conf
   ldapns
   template-fd

    

3. plugins
    
   Install and import the following ...
    
   # apt-get install fusiondirectory-plugin-systems-schema
# apt-get install fusiondirectory-plugin-systems
 
# fusiondirectory-insert-schema -i /etc/ldap/schema/fusiondirectory/service-fd.schema

   SASL/EXTERNAL authentication started
   SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
   SASL SSF: 0
   executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/service-fd.ldif'
   SASL/EXTERNAL authentication started
   SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
   SASL SSF: 0
   adding new entry "cn=service-fd,cn=schema,cn=config"

    
   # fusiondirectory-insert-schema -i /etc/ldap/schema/fusiondirectory/systems-fd-conf.schema

   SASL/EXTERNAL authentication started
   SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
   SASL SSF: 0
   executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/systems-fd-conf.ldif'
   SASL/EXTERNAL authentication started
   SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
   SASL SSF: 0
   adding new entry "cn=systems-fd-conf,cn=schema,cn=config"

    

   • sudo plugin ...
      
     # apt-get install sudo-ldap
# apt-get install fusiondirectory-plugin-sudo
# apt-get install fusiondirectory-plugin-sudo-schema
      
     ... so we import these ...
      
     # fusiondirectory-insert-schema -i /etc/ldap/schema/fusiondirectory/sudo.schema

     SASL/EXTERNAL authentication started
     SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
     SASL SSF: 0
     executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/sudo.ldif'
     SASL/EXTERNAL authentication started
     SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
     SASL SSF: 0
     adding new entry "cn=sudo,cn=schema,cn=config"

      
     # fusiondirectory-insert-schema -i /etc/ldap/schema/fusiondirectory/sudo-fd-conf.schema

     SASL/EXTERNAL authentication started
     SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
     SASL SSF: 0
     executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/sudo-fd-conf.ldif'
     SASL/EXTERNAL authentication started
     SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
     SASL SSF: 0
     adding new entry "cn=sudo-fd-conf,cn=schema,cn=config"

      

   • ssh plugin ...
      
     # apt-get install fusiondirectory-plugin-ssh
# apt-get install fusiondirectory-plugin-ssh-schema
# fusiondirectory-insert-schema -i /etc/ldap/schema/fusiondirectory/openssh-lpk.schema

     SASL/EXTERNAL authentication started
     SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
     SASL SSF: 0
     executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/openssh-lpk.ldif'
     SASL/EXTERNAL authentication started
     SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
     SASL SSF: 0
     adding new entry "cn=openssh-lpk,cn=schema,cn=config"

      

4. what do we have
    
   # fusiondirectory-insert-schema -l | nl

    1  core
    2  cosine
    3  nis
    4  inetorgperson
    5  core-fd
    6  core-fd-conf
    7  ldapns
    8  template-fd
    9  service-fd
   10  systems-fd-conf
   11  sudo
   12  sudo-fd-conf
   13  openssh-lpk

    
   # ls /etc/ldap/schema/fusiondirectory -l | nl

    1  total 120
    2  -rw-r--r-- 1 root root 14538 Aug 23 09:51 argonaut-fd.schema
    3  -rw-r--r-- 1 root root 21066 Aug 23 09:44 core-fd-conf.schema
    4  -rw-r--r-- 1 root root  3162 Aug 23 09:44 core-fd.schema
    5  -rw-r--r-- 1 root root   668 Aug 23 09:44 ldapns.schema
    6  -rw-r--r-- 1 root root   537 Aug 23 09:51 openssh-lpk.schema
    7  -rw-r--r-- 1 root root  9549 Aug 23 09:44 rfc2307bis.schema
    8  -rw-r--r-- 1 root root 10523 Aug 23 09:51 service-fd.schema
    9  -rw-r--r-- 1 root root   491 Aug 23 09:51 sudo-fd-conf.schema
   10  -rw-r--r-- 1 root root  2319 Aug 23 09:51 sudo.schema
   11  -rw-r--r-- 1 root root  4121 Aug 23 09:51 systems-fd-conf.schema
   12  -rw-r--r-- 1 root root 22942 Aug 23 09:51 systems-fd.schema
   13  -rw-r--r-- 1 root root   424 Aug 23 09:44 template-fd.schema

    
   ... and finally we install these 2 packets:
    
   # apt-get install fusiondirectory-plugin-ldapmanager
# apt-get install php-mdb2
    
   and that should be it

Dylan: time for a snapshot !!!
....
check in firefox http://my-ldap-server/fusiondirectory

you will now need to follow the wizard in firefox, which might not be that simple ...