Skip to content

Increase in enquiries for migrations from Sun Directory and other directory servers to OpenLDAP

LinuxOpenLDAPOpen SourceSuretec Hi all,

Everyone involved in the directory sector and OpenLDAP has been seeing lots more enquiries to migrate from Sun Directory to OpenLDAP as the future of Sun Directory, now Oracle owns Sun is becoming a concern, as is their new pricing model. We obviously have experience doing this and migration from any other directory server.

If you want to convert your enterprise directory from a proprietary and expensive closed-source supplier to OpenLDAP, a modern, more efficient, and less expensive Open Source software solution please do contact us.

Our partners Symas also have a Directory Services Upgrade Program that we can do for you in the UK:

Convert your Enterprise Directory from a proprietary and expensive closed-source supplier to OpenLDAP, a modern, more efficient, and less expensive Open Source software solution. Typically, enterprises dramatically reduce their annual cost converting to OpenLDAP from Sun, Oracle, Netscape, or iPlanet Directory Services products. The workload requires half or less the power and capacity for substantially improved performance. This is a relatively easy transition to make because LDAPv3 is highly standardized and OpenLDAP conforms to the most demanding requirements of the Internet Standards (RFC[?] 4511 and related RFCs)..

Symas Corporation will be glad to consult with your team and offer you a fixed-price, fixed schedule offer for conversion of your Enterprise Directory technology. This service includes:

- A complete evaluation of your present Directory Services servers
- A Detailed plan for implementation of the new technology
- A roadmap for conversion of existing LDAP[?] applications and data feeds
- Conversion of schema definitions
- Access Control conversions/implementation
- Database transfer and clean-up
- OpenLDAP deployment, tuning and configuration
- SSL Certificate Conversion
- Database reload
- Assistance with application testing
- Operational team training (LDAP University)
- One year of standard Gold
- level Symas OpenLDAP technical support


Please do contact us.

Thanks,

Gavin.

Suretec VoIP platform coming soon - SureVoIP

AsteriskCatalystDojoJabber/XMPPLinuxOpenLDAPOpenSIPSOpen SourcePerlPostgreSQLSuretec A quick update:

SureVoIP a new startup ITSP will be launched by Suretec very soon. It is currently in development and being installed in a Scottish datacentre using various enterprise grade Open Source products. Keep an eye out for when it goes beta and will be available at http://www.surevoip.co.uk

[Unofficial] Sneak peak: OpenLDAP 2.4.17 almost out!

AsteriskOpenLDAPOpenSIPSOpen SourceSuretec There's been lot's of hard work gone into 2.4.17 and I say it every time, but this is the best release so far!

A huge thanks to the following significant contributors to this release:

Howard Chu (Symas Corp)
Hallvard Furuseth (University of Oslo)
Quanah Gibson-Mount (Yahoo! Inc)
Ralf Haferkamp (SUSE Linux)
Gavin Henry (Suretec Systems)
Pierangelo Masarati (Sys-Net)
Rein Tollevik (Basefarm AS)

It's been 3 months almost to the day since 2.4.16 so you'll see lot's of fixes and a new tool. It always amazes me that there are still bugs even though OpenLDAP is so stable, widely deployed and so fast! Well, software will always have bugs ;-)

The nice new tool is Slapschema: "Slapschema is used to check schema compliance of the contents of a slapd(8) database." See man slapschema (8)

For complete fixes etc. see the OpenLDAP CHANGES file.

Oh, and where are all my new docs? We've been so busy with existing and new clients that things have slipped, sorry. Lots of work with our partners Symas too and we're also prepping a new VoIP platform for Suretec Telecom called SureVoIP (which OpenLDAP plays a big part!).

More later and upgrade, upgrade, upgrade!!

LDAPCon 2009 Call For Papers

OpenLDAPOpen SourceSuretec The International Conference on LDAP[?] is a technical forum for IT professionals interested in LDAP and related topics like directory servers, directory management applications, directory integration, identity and access management, and meta directories.

It focuses on implementation and integration of LDAP servers and LDAP-enabled client applications. The event will bring together vendors, developers, active and prospective LDAP practitioners to share their experiences about deployment strategies, service operations, interoperability, discuss LDAP usage in new projects and learn about upcoming trends and developments.
Topics

You are involved with LDAP in interesting projects?

- You do LDAP client development?
- You have used LDAP like no-one before?
- You have innovative concepts in LDAP Integration?

Why not share your experiences, good and bad, with others?

We look for speakers who ae willing to talk about:

Continue reading "LDAPCon 2009 Call For Papers"

2nd International Conference on LDAP - LDAPCon 2009

OpenLDAPOpen SourceSuretec The 2nd International Conference on LDAP[?]
LDAPCon 2009
has been announced!

- September 20th and 21st, 2009
- Portland Waterfront Marriott Hotel
- Portland, Oregon, USA
- LDAPCon 2009 in conjunction with LinuxCon 2009, attendees will be registered for all LinuxCon sessions and events as well as those for LDAPCon
- Conference fee: $US625

Webinar: 'Guide to Scaling OpenLDAP with MySQL Cluster'

OpenLDAPOpen SourceSuretec “Guide to Scaling OpenLDAP with MySQL Cluster” on June 24th at 10:00AM PST. Howard Chu, CTO of Symas Corporation, will be the primary technical presenter. This is going to be a repeat of the great pitch we did at the MySQL Conference in Santa Clara. This is a terrific introduction to the OpenLDAP Driver for MySQL Cluster for people interested in this new database technology for LDAP[?] directory data.

Register here

Suretec®

OpenLDAP build farm

OpenLDAPOpen SourceSuretec Dear all,

Just a quick update to say things are moving forward on the OpenLDAP build farm and very soon (after more testing) you'll be able to submit your desired platform for testing and upload your build results!

More later (next month),

Gavin.

OpenLDAP Replication Strategies

OpenLDAPOpen SourceSuretec At this years UKUUG's annual Large Installation Systems Administration (LISA) conference I gave a talk on OpenLDAP Replication Strategies. You can grab theOpenLDAP Replications Strategies PDF or SlideShare version.

Other presentations regarding OpenLDAP that day (including one from Howard, the Projects Chief Architect and Symas CTO), OpenLDAP and MySQL: Bridging the Data Model Divide and Andrew Findlays Writing Access Control Policies for LDAP[?]

Gavin.

OpenLDAP Quick Tips: Replication Strategies

OpenLDAPOpen SourceSuretec Hi All,

Here's the 22nd tip in the "OpenLDAP Quick Tips" series:

"You are not sure what type of OpenLDAP replication to use, but you know you need to".

This tip won't actually go into the technical setup (and isn't very quick ;-) ) of the different replication types, we'll leave that for another set of tips. You can always read up on them yourself in the Replication section of the OpenLDAP 2.4 Administrator's Guide. Or if you're coming to the UKUUG's annual Large Installation Systems Administration (LISA) you'll be able to hear Howard Chu and myself give our talks:

- OpenLDAP Replication Strategies - Gavin Henry (Suretec Systems & OpenLDAP project)
- OpenLDAP and MySQL: Bridging the Data Model Divide - Howard Chu (Symas Corp. & OpenLDAP project).

Andrew Findlay (Skills 1st), another respected authority on LDAP[?] will also be giving a talk on Writing Access Control Policies for LDAP.


Anyway, on to the strategies.

Continue reading "OpenLDAP Quick Tips: Replication Strategies"

OpenLDAP Quick Tips: Interacting with LDAP from shell scripts by Vincent van Gelder

OpenLDAPOpen SourceSuretec Hi All,

Here's the 21st tip in the "OpenLDAP Quick Tips" series kindly contributed by Vincent van Gelder.

"You need to carry out LDAP[?] operations using shell scripts".

The following is an example sent in by Vincent van Gelder (you can e-mail your tip to us too):

------------------------
The following script I use when interacting with ldap[?] from shell scripts:


http://members.tripod.com/vgoenka/unixscripts/unldif.sed.txt


Sample script:

CODE:
###################################### #!/bin/bash PHOTO=/tmp/tux.jpg IFS=$'\n' for dn in $(ldapsearch -ZZ -LLL -A -b 'ou=Users,ou=Intranet,o=Company,c=NL' -s one '(&(!(jpegPhoto=*))(objectClass=inetOrgPerson))' jpegPhoto \  | unldif  | grep '^dn' ) do     echo $dn     echo "changetype: modify"     echo "add: jpegPhoto"     echo "jpegPhoto::$(openssl base64 -in $PHOTO | sed 's/^/ /')"     echo done ######################################


The sample script fetches users from ldap whithout a photo and adds a
default photo. Output is a ldif.

It also demonstrates how to add binary attributes from shell using
openssl tool.

The unldif script makes sure the dn is always just one line.

--
Met vriendelijke groet,

Vincent van Gelder
------------------------


Thanks,

Gavin.

If you have an entry for our "OpenLDAP Quick Tips" series, why not e-mail your tip to us.

P.S. For direct access to this section, you can click OpenLDAP Quick Tips.

OpenLDAP Source vs Symas OpenLDAP

Open SourceSuretec We've just published two comparisons of OpenLDAP source management versus Symas OpenLDAP Packages:

Nothing special, just a quick comparison.

Suretec®

OpenLDAP Quick Tips: Enable in Directory Monitoring

OpenLDAPOpen SourceSuretec Hi All,

Here's the 20th tip in the "OpenLDAP Quick Tips" series:

"You need to obtain information regarding the current state of your slapd instance":

slapd(8) supports an optional LDAP[?] monitoring interface you can use to obtain information regarding the current state of your slapd instance. For instance, the interface allows you to determine how many clients are connected to the server currently. The monitoring information is provided by a specialized backend, the monitor backend. A manual page, slapd-monitor(5) is available.


At the end of your slapd.conf file add:

CODE:
database monitor


and restart.

You'll now be able to query information like the following and use it in your monitoring tools:

CODE:
dn: cn=Total,cn=Connections,cn=Monitor structuralObjectClass: monitorCounterObject monitorCounter: 4 entryDN: cn=Total,cn=Connections,cn=Monitor subschemaSubentry: cn=Subschema hasSubordinates: FALSE



Thanks,

Gavin.

If you have an entry for our "OpenLDAP Quick Tips" series, why not e-mail your tip to us.

P.S. For direct access to this section, you can click OpenLDAP Quick Tips.

OpenLDAP Quick Tips: Encrypt your Oracle Berkeley DB if necessary

OpenLDAPOpen SourceSuretec Hi All,

Here's the 18th tip in the "OpenLDAP Quick Tips" series:

"You need to encrypt the raw bdb files":

This might be useful various reasons:

It may actually provide some value to sites that do regular backups of their raw DB files. It may actually be useful in some cases where you provide an encryption key on separate removable media (e.g. a USB flash drive). It might actually prevent a news article down the road on how some organization lost their 5 million record customer database and now all that unprotected data is now being exploited by criminals.

I doubt it, of course. It exacts a performance penalty on every DB operation, so I don't think anyone will be able to use this long-term. For the off-site backup scenario, it makes more sense to just encrypt the backup images (tar format or whatever backup utility is used). That way you only spend cycles on encryption once, at backup time. Any site that's savvy enough to do automated backups can certainly figure out how to protect those backups with encryption.


Continue reading "OpenLDAP Quick Tips: Encrypt your Oracle Berkeley DB if necessary"

OpenLDAP Quick Tips: Always 'make test'

OpenLDAPOpen SourceSuretec Hi All,

Here's the 17th tip in the "OpenLDAP Quick Tips" series:

"You've successfully built your own instance of OpenLDAP but want to make sure you've done it right":

So, you've grabbed the latest version, compiled it and want to get started straight way, but stop! Hours and hours have been spent writing test scripts for OpenLDAP, so please, please, please run:

CODE:
make test


before

CODE:
su -c "make install"


and save the OpenLDAP Issue Tracking System from getting full with silly reports!

Also, see our installation section of the FAQ.

If this is too much, why not get supported, prepackaged versions of OpenLDAP: Symas™ OpenLDAP™ Directory Services™

Thanks,

Gavin.

If you have an entry for our "OpenLDAP Quick Tips" series, why not e-mail your tip to us.

P.S. For direct access to this section, you can click OpenLDAP Quick Tips.
tweetbackcheck