
FusionDirectory LDAP web interface

 
Just like phpLDAPadmin, FusionDirectory is a PHP program that lets you configure and populate your LDAP server. phpLDAPadmin will probably be able to coexist with FusionDirectory, as long as you put them in different virtual hosts on apache2. It is not good practice to use both to populate your LDAP, but it might be interesting to have when things go horribly wrong and your backup server says "CHEESE -- what did you ask me to do?"
 

  1. repositories
     
    we add repositories:
     
    # echo "deb http://repos.fusiondirectory.org/debian-wheezy wheezy main" >> /etc/apt/sources.list.d/fusiondirectory.list
    # echo "deb http://repos.fusiondirectory.org/debian-extra wheezy main" >> /etc/apt/sources.list.d/fusiondirectory.list
      
    we run apt-get update, which reports errors at this point ...
     
    # apt-get update
     
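    next we add the gpg-key; apt cannot authenticate this first package, because the key that signs the repository is what is being installed, so we answer y to the warning: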
     
    # apt-get install fusiondirectory-archive-keyring
    Reading package lists... Done
    Building dependency tree       
    Reading state information... Done
    The following NEW packages will be installed:
    fusiondirectory-archive-keyring
    0 upgraded, 1 newly installed, 0 to remove and 5 not upgraded.
    Need to get 2808 B of archives.
    After this operation, 38.9 kB of additional disk space will be used.
    WARNING: The following packages cannot be authenticated!
    fusiondirectory-archive-keyring
    Install these packages without verification [y/N]? y
    Get:1 http://repos.fusiondirectory.org/debian-extra/ stable/main fusiondirectory-archive-keyring all 1.0 [2808 B]
    Fetched 2808 B in 0s (43.8 kB/s)                           
    Selecting previously unselected package fusiondirectory-archive-keyring.
    (Reading database ... 82724 files and directories currently installed.)
    Unpacking fusiondirectory-archive-keyring (from .../fusiondirectory-archive-keyring_1.0_all.deb) ...
    Setting up fusiondirectory-archive-keyring (1.0) ...

     
    next we run apt-get update again:
     
    # apt-get update
     
    To see whether the sources have been updated we can do an apt-cache search:
     
    # apt-cache search fusiondir

    fusiondirectory - Web Based LDAP Administration Program
    fusiondirectory-plugin-alias - alias plugin for FusionDirectory
    fusiondirectory-plugin-alias-schema - LDAP schema for FusionDirectory alias plugin
    fusiondirectory-plugin-applications - Applications management plugin for FusionDirectory
    fusiondirectory-plugin-applications-schema - LDAP schema for FusionDirectory application management plugin
    fusiondirectory-plugin-argonaut - Argonaut plugin for FusionDirectory
    fusiondirectory-plugin-argonaut-schema - LDAP schema for FusionDirectory Argonaut plugin
    fusiondirectory-plugin-audit - audit plugin for FusionDirectory
    fusiondirectory-plugin-audit-schema - LDAP schema for FusionDirectory audit plugin
    fusiondirectory-plugin-autofs - autofs plugin for FusionDirectory
    . . .

     

  2. install
     
    We install the software and a basic schema ...
     
    # apt-get install fusiondirectory-schema schema2ldif
    Reading package lists... Done
    Building dependency tree       
    Reading state information... Done
    The following packages were automatically installed and are no longer required:
    linux-headers-3.19.0-25 linux-headers-3.19.0-25-generic
    linux-image-3.19.0-25-generic linux-image-extra-3.19.0-25-generic
    Use 'apt-get autoremove' to remove them.
    The following NEW packages will be installed:
    fusiondirectory-schema schema2ldif
    0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
    Need to get 88.0 kB of archives.
    After this operation, 284 kB of additional disk space will be used.
    Get:1 http://repos.fusiondirectory.org/debian-extra/ wheezy/main schema2ldif all 1.0-1 [7,100 B]
    Get:2 http://repos.fusiondirectory.org/debian-wheezy/ wheezy/main fusiondirectory-schema all 1.0.15-1 [80.9 kB]
    Fetched 88.0 kB in 0s (434 kB/s)            
    Selecting previously unselected package schema2ldif.
    (Reading database ... 119056 files and directories currently installed.)
    Preparing to unpack .../schema2ldif_1.0-1_all.deb ...
    Unpacking schema2ldif (1.0-1) ...
    Selecting previously unselected package fusiondirectory-schema.
    Preparing to unpack .../fusiondirectory-schema_1.0.15-1_all.deb ...
    Unpacking fusiondirectory-schema (1.0.15-1) ...
    Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
    Setting up schema2ldif (1.0-1) ...
    Setting up fusiondirectory-schema (1.0.15-1) ...

     
    now we install the schema ...
     
    # fusiondirectory-insert-schema

    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/core-fd.ldif'
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    adding new entry "cn=core-fd,cn=schema,cn=config"
     
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/core-fd-conf.ldif'
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    adding new entry "cn=core-fd-conf,cn=schema,cn=config"
     
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/ldapns.ldif'
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    adding new entry "cn=ldapns,cn=schema,cn=config"
     
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/template-fd.ldif'
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    adding new entry "cn=template-fd,cn=schema,cn=config"

     
    ... and now we check our work ...
     
    # fusiondirectory-insert-schema -l

    core
    cosine
    nis
    inetorgperson
    core-fd
    core-fd-conf
    ldapns
    template-fd

     

  3. plugins
     
    Install and import the following ...
     
    # apt-get install fusiondirectory-plugin-systems-schema
    # apt-get install fusiondirectory-plugin-systems
     
    # fusiondirectory-insert-schema -i /etc/ldap/schema/fusiondirectory/service-fd.schema
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/service-fd.ldif'
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    adding new entry "cn=service-fd,cn=schema,cn=config"

     
    # fusiondirectory-insert-schema -i /etc/ldap/schema/fusiondirectory/systems-fd-conf.schema

    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/systems-fd-conf.ldif'
    SASL/EXTERNAL authentication started
    SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
    SASL SSF: 0
    adding new entry "cn=systems-fd-conf,cn=schema,cn=config"

     

    • sudo plugin ...
       
      # apt-get install sudo-ldap
      # apt-get install fusiondirectory-plugin-sudo
      # apt-get install fusiondirectory-plugin-sudo-schema
       
      ... so we import these ...
       
      # fusiondirectory-insert-schema -i /etc/ldap/schema/fusiondirectory/sudo.schema
      SASL/EXTERNAL authentication started
      SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
      SASL SSF: 0
      executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/sudo.ldif'
      SASL/EXTERNAL authentication started
      SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
      SASL SSF: 0
      adding new entry "cn=sudo,cn=schema,cn=config"

       
      # fusiondirectory-insert-schema -i /etc/ldap/schema/fusiondirectory/sudo-fd-conf.schema

      SASL/EXTERNAL authentication started
      SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
      SASL SSF: 0
      executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/sudo-fd-conf.ldif'
      SASL/EXTERNAL authentication started
      SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
      SASL SSF: 0
      adding new entry "cn=sudo-fd-conf,cn=schema,cn=config"

       

    • ssh plugin ...
       
      # apt-get install fusiondirectory-plugin-ssh
      # apt-get install fusiondirectory-plugin-ssh-schema
      # fusiondirectory-insert-schema -i /etc/ldap/schema/fusiondirectory/openssh-lpk.schema
      SASL/EXTERNAL authentication started
      SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
      SASL SSF: 0
      executing 'ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/fusiondirectory/openssh-lpk.ldif'
      SASL/EXTERNAL authentication started
      SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
      SASL SSF: 0
      adding new entry "cn=openssh-lpk,cn=schema,cn=config"

       

  4. what do we have
     
    # fusiondirectory-insert-schema -l | nl
     1  core
     2  cosine
     3  nis
     4  inetorgperson
     5  core-fd
     6  core-fd-conf
     7  ldapns
     8  template-fd
     9  service-fd
    10  systems-fd-conf
    11  sudo
    12  sudo-fd-conf
    13  openssh-lpk

     
    # ls /etc/ldap/schema/fusiondirectory -l | nl

     1  total 120
     2  -rw-r--r-- 1 root root 14538 Aug 23 09:51 argonaut-fd.schema
     3  -rw-r--r-- 1 root root 21066 Aug 23 09:44 core-fd-conf.schema
     4  -rw-r--r-- 1 root root  3162 Aug 23 09:44 core-fd.schema
     5  -rw-r--r-- 1 root root   668 Aug 23 09:44 ldapns.schema
     6  -rw-r--r-- 1 root root   537 Aug 23 09:51 openssh-lpk.schema
     7  -rw-r--r-- 1 root root  9549 Aug 23 09:44 rfc2307bis.schema
     8  -rw-r--r-- 1 root root 10523 Aug 23 09:51 service-fd.schema
     9  -rw-r--r-- 1 root root   491 Aug 23 09:51 sudo-fd-conf.schema
    10  -rw-r--r-- 1 root root  2319 Aug 23 09:51 sudo.schema
    11  -rw-r--r-- 1 root root  4121 Aug 23 09:51 systems-fd-conf.schema
    12  -rw-r--r-- 1 root root 22942 Aug 23 09:51 systems-fd.schema
    13  -rw-r--r-- 1 root root   424 Aug 23 09:44 template-fd.schema

     
    ... and finally we install these 2 packages:
     
    # apt-get install fusiondirectory-plugin-ldapmanager
    # apt-get install php-mdb2
     
    and that should be it
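
A check for step 4, added here as an example (it is not part of the original page): it compares the schema names loaded in cn=config with the .schema files on disk and prints the ones that are on disk but not loaded. The function names are hypothetical, and the sample input is constructed from the two listings in step 4.

```shell
#!/bin/sh
# Added example: list FusionDirectory schema files that exist on disk
# but are not loaded into cn=config. Function names are hypothetical.

# unloaded_schemas LOADED DISK
#   LOADED: file holding the output of `fusiondirectory-insert-schema -l`
#   DISK:   file holding the output of `ls /etc/ldap/schema/fusiondirectory`
# Only the last field of each line is used, so `| nl` numbering and
# `ls -l` long listings are accepted as well.
unloaded_schemas() {
    awk '
        FILENAME == ARGV[1] { if (NF) loaded[$NF] = 1; next }
        $NF ~ /\.schema$/ {
            name = $NF
            sub(/\.schema$/, "", name)      # core-fd.schema -> core-fd
            if (!(name in loaded)) print name
        }
    ' "$1" "$2" | LC_ALL=C sort -u
}

# Constructed sample input, taken from the two listings in step 4.
demo_unloaded() (
    d=$(mktemp -d) || exit 1
    printf '%s\n' core cosine nis inetorgperson core-fd core-fd-conf \
        ldapns template-fd service-fd systems-fd-conf sudo sudo-fd-conf \
        openssh-lpk > "$d/loaded"
    printf '%s.schema\n' argonaut-fd core-fd-conf core-fd ldapns \
        openssh-lpk rfc2307bis service-fd sudo-fd-conf sudo \
        systems-fd-conf systems-fd template-fd > "$d/disk"
    unloaded_schemas "$d/loaded" "$d/disk"
    rm -rf "$d"
)

# Live use on the LDAP server (as root):
#   fusiondirectory-insert-schema -l > /tmp/loaded
#   ls /etc/ldap/schema/fusiondirectory > /tmp/disk
#   unloaded_schemas /tmp/loaded /tmp/disk
```

Run against the listings above, it prints argonaut-fd, rfc2307bis and systems-fd; whether each of those needs to be loaded depends on the plugins you actually use.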

Dylan: time for a snapshot !!!
....
check in firefox http://my-ldap-server/fusiondirectory

you will now need to follow the wizard in firefox, which might not be that simple ...