HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Developers' Forum (http://www.howtoforge.com/forums/forumdisplay.php?f=33)
-   -   ISPConfig and LDAP (http://www.howtoforge.com/forums/showthread.php?t=58424)

kinai 28th August 2012 18:57

ISPConfig and LDAP
 
Hi all,

I know that LDAP is not supported in ISPConfig.
The ISPConfig core is it devellop to allow adding a plugin to store users informations and password in another backend that mysql ? ldap for example.

Thanks,
Kinai

till 29th August 2012 10:03

The ispconfig interface requires a relational sql database, currently supported is mysql only. So you cant run the ispconfig interface on a ldap store. It might be possible to write a server plugin that stores duplicates of the authentication information that is found in mysql in a ldap directory, but ldap will be a ready only storage in this scenario and not a replacement for the sql storage that ispconfig uses.

kinai 29th August 2012 10:45

Hi Till,

Thanks for your answer.

I understand that ISPConfig requires a SQL Database to store information like service configuration (Apache, Mysql, Postfix). I think LDAP could became only a "account backend".

Do you think that is possible to "modify" ISPConfig with a core plugin to store users, clients and ressellers informations in LDAP. For me, this information must be linked with database information like apache sites affect to this client. Primary Key used for identify user in sql database could be store in a field in LDAP object.

It could be possible to "choice", during ISPConfig install, the "account backend" : LDAP ou MySQL.

Possibility to duplicate users informations store in mysql to ldap could be a first step.

Number of services, like postfix and dovecot, could be configure to use LDAP as authentification backend. Using LDAP could be usefull to retrieve user informations to authenticate third party application like CMS (Joomla), ERP (OpenERP) , and other... For me, ISPConfig could became more expandable with an LDAP "accout backend".

With a replicate solution, if user update his data from third party application, ISPConfig override it after an update and data store by user will be lost.

In case of it will be possible to create a core plugin for that, could you give me documentation to devellop core plugin (I've just found interface plugin documentation).

Thanks,
Kinai

Mark_NL 29th August 2012 11:35

This is possible, but it's not a simple task.
I'd start with writing new scheme's for the ISPConfig data to save the same data in LDAP as you would in MySQL and create some "replication" function so the LDAP data is always in sync with the data in MySQL.

From that point on you can start having services use LDAP Authentication and possibly start making MySQL data "slave" ..

I like ldap, but i fail to see the big advantage over the already existing system. I think it's too much work for what you'll eventually be able to do with it.

anyway, good luck!

till 29th August 2012 11:35

You would have to rewrite a lot of code in ispconfig (maybe about 50% of the code) if you want to do a full ldap backend for authentication details as ldap works very differntly then a mysql database and the user data is required by almost all plugins, so you would have to change them all.

valerios 7th November 2013 18:56

Ispconfig3 & LDAP
 
Quote:

Originally Posted by till (Post 284439)
You would have to rewrite a lot of code in ispconfig (maybe about 50% of the code) if you want to do a full ldap backend for authentication details as ldap works very differntly then a mysql database and the user data is required by almost all plugins, so you would have to change them all.

Hi Till,
is possible using LDAP backend only for mail user authentication?


All times are GMT +2. The time now is 06:04.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.