Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Is it possible to have an Scientific Linux 6.1 (64 bit) server running the ldap from the channel to handle multiple domains (for spam appliances to query for valid email addresses).
Sorry I meant Scientific Linux 6.1 64 bit
I have been reading several online howto/guides and I have not been successful.
For example there are about 15 domains, can 1 ldap server be utilized to store the email addresses.
Distribution: openSuSE, Fedora, CentOS, Debian,, and others
Posts: 84
Rep:
Quote:
Originally Posted by rhbegin
Is it possible to have an Scientific Linux 6.1 (64 bit) server running the ldap from the channel to handle multiple domains (for spam appliances to query for valid email addresses).
Sorry I meant Scientific Linux 6.1 64 bit
I have been reading several online howto/guides and I have not been successful.
For example there are about 15 domains, can 1 ldap server be utilized to store the email addresses.
I am a bit lost on really how to go about this, any tips/advice would be great. As it seems getting ldap on a Linux distro functioning is challenging.
The answer to your question is YES. It's not going to be fun or easy, at least in my experience, but it is possible. I have personally setup LDAP that handled 7 different domains with out any issues. Now I was also using openSuSE 11.3 because it uses Novell's YaST System Management Tool and setting up LDAP with Mail support is some what straight forward in YaST.
I will give this as a tip, the one thing that most everyone forgets is to establish correct ACL's. I know I did the first 4 or 5 times I setup an LDAP Network. The key is to allow everyone to authenticate but only allow authenticated users to be able to read or view any LDAP entries. You may also want to look into using 389DS (389 Directory Service) which at one point had an install rpm in the Fedora Repo, that is if you want to use a RHEL based distro.
Distribution: openSuSE, Fedora, CentOS, Debian,, and others
Posts: 84
Rep:
I have used both 32bit and 64bit. I first started with 32bit only because that was the OS I had installed already. There should be no difference between the 2 no matter what system you use. For the second C3DC(Community College Cyber Defense Challenge) I attended, we used openSuSE 11.3 32bit as the box they gave us to use would not support 64bit. My team placed 7th overall(22 teams) and we were complimented on our LDAP setup, and to be honest at the time I had taught myself how to setup and use basic authentication with LDAP 2 weeks before the competition as the guy that was suppose to do that backed out.
To answer your second question you will always start out setting up your LDAP or for that fact your MS-DS using your TOP Domain, in your case abc.com as the primary. Then you would setup any subsequent domain as a "Slave" or "Child" of the primary. Basically this is what you would see if you where to make a "Tree" of your hierarchy of what you wanted to do:
abc.com(abc123.com) <-- Primary or Top Level (dc=abc,dc=com -- root of structure)
|
-------------------------------------
|............|............|.........|
efg.com......xyz.com......bee.org...mno.info
|............|............|.........|
Alternatively you could also add to your Primary something like so:
abc.com(abc123.com) <-- Primary or Top Level (dc=abc,dc=com -- root of structure)
|
---------------------
|............|.........|
People Servers Domains <-- (ou=domains,dc=abc,dc=com)
|............|.........|
---.........---........|
.......................|
-------------------------------------
|............|...........|..........|
efg.com...xyz.com.....bee.org....mno.info <-- (cn=mno.info,ou=mno,dc=abc,dc=com)
|............|...........|..........|
(I hate it when systems remove "White Space" as it kills my pretty trees)
You would set up each "Sub-Domain"/"Add-on Domain" as an Organizational Unit to the Root Domain, or you could even make an OU called Domains then place those Domains under that OU. This would then allow you to segregate out each Domain a little further. It all depends on what you are looking to accomplish in the end. Do you want Security over Complexity, or do you want to follow the following K.I.S.S. (Keep it simple stupid) rule of thumb.
I have also used 389DS while running Fedora 12/13 and had no issues (only reason I used it was that was the OS that my instructor liked), but again it is going to take time and a lot of reading & posting to help forums.
Last edited by War3zWad|0; 11-24-2011 at 03:32 AM.
Reason: tree didn't work
I like things the simplest as possible, basically it would be to identify valid email addresses for the company isp domain and the hosted domains only.
The spam appliances would read from them, I got the OpenSuSE downloaded and installed as a virtual machine. Would it be worthwhile to give the Fedora a try with ldap configuration as well?
Sorry for so many questions, I am still researching/learning on this subject and it seems quite complex.
Distribution: openSuSE, Fedora, CentOS, Debian,, and others
Posts: 84
Rep:
Quote:
Originally Posted by rhbegin
I like things the simplest as possible, basically it would be to identify valid email addresses for the company isp domain and the hosted domains only.
The spam appliances would read from them, I got the OpenSuSE downloaded and installed as a virtual machine. Would it be worthwhile to give the Fedora a try with ldap configuration as well?
Sorry for so many questions, I am still researching/learning on this subject and it seems quite complex.
thank you for all of you help/advice
If you are wanting "Simple" then I would recommend using openSuSE and YaST. I feel and I could be wrong because I am speaking from my experiences that it was easiest to get setup and actually working right with openSuSE.
With Fedora the one thing that I have personally experienced is that when they "update" their products it can tend to break things that were once working correctly. The other issue with Fedora is you have to make a choice and that is do you do everything the old fashion way and use the command line for everything or do you use a "System" that has a GUI interface to make things a little easier.
To answer the question in regards to being worthwhile to test multiple OSes at the same time and the answer to that (as a tester) is YES. I am going to say this, there is not 1 person in the world that knows everything there is to know about LDAP. I have been working with it for only 2.5 years and I am definitely still learning on the subject. I can only assist as much as my knowledge will provide, so I am sorry if these answers seem kind of vague.
When it comes to testing I personally setup a couple of virtual networks and test multiple configurations as well as OSes. This gives me not only a good learning environment but I can better choose which direction to go.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.