ตั้งใจจะมาศึกษาเรื่อง OpenLDAP เป็นเรื่องเป็นราวซ่ะที ผมก็เลยไปเอาสารบัญของ OpenLDAP ตัวแม่มาวางไว้เป็นฐานไว้ก่อนแล้วก็ค่อยตามสอยทีหลัง..คงไม่ได้มานั่งแปลเป็นเรื่องเป็นราว อารมณ์คงไปอ่านแล้วเอามาสรุปๆๆ เป็นหัวข้อเอา
1. มาทำความรู้จักับ OpenLDAP กันซักหน่อย
1.1. Directory Server คืออะไร
1.2. แล้ว LDAP คืออะไร
1.3. เมื่อไหร่ที่ผมควรจะเลือกใช้ LDAP
1.4. เมื่อไหร่ที่ไม่ควรใช้ LDAP
1.5. LDAP ทำงานอย่างไร
1.6. What about X.500?
1.7. What is the difference between LDAPv2 and LDAPv3?
1.8. LDAP vs RDBMS
1.9. What is slapd and what can it do?
2. A Quick-Start Guide
3. The Big Picture – Configuration Choices
3.1. Local Directory Service
3.2. Local Directory Service with Referrals
3.3. Replicated Directory Service
3.4. Distributed Local Directory Service
4. Building and Installing OpenLDAP Software
4.1. Obtaining and Extracting the Software
4.2. Prerequisite software
4.2.1. Transport Layer Security
4.2.2. Simple Authentication and Security Layer
4.2.3. Kerberos Authentication Service
4.2.4. Database Software
4.2.5. Threads
4.2.6. TCP Wrappers
4.3. Running configure
4.4. Building the Software
4.5. Testing the Software
4.6. Installing the Software
5. Configuring slapd
5.1. Configuration Layout
5.2. Configuration Directives
5.2.1. cn=config
5.2.2. cn=module
5.2.3. cn=schema
5.2.4. Backend-specific Directives
5.2.5. Database-specific Directives
5.2.6. BDB and HDB Database Directives
6. The slapd Configuration File
6.1. Configuration File Format
6.2. Configuration File Directives
6.2.1. Global Directives
6.2.2. General Backend Directives
6.2.3. General Database Directives
6.2.4. BDB and HDB Database Directives
7. Access Control
7.1. Introduction
7.2. Access Control via Static Configuration
7.2.1. What to control access to
7.2.2. Who to grant access to
7.2.3. The access to grant
7.2.4. Access Control Evaluation
7.2.5. Access Control Examples
7.2.6. Configuration File Example
7.3. Access Control via Dynamic Configuration
7.3.1. What to control access to
7.3.2. Who to grant access to
7.3.3. The access to grant
7.3.4. Access Control Evaluation
7.3.5. Access Control Examples
7.3.6. Access Control Ordering
7.3.7. Configuration Example
7.3.8. Converting from slapd.conf(5) to a cn=config directory format
7.4. Access Control Common Examples
7.4.1. Basic ACLs
7.4.2. Matching Anonymous and Authenticated users
7.4.3. Controlling rootdn access
7.4.4. Managing access with Groups
7.4.5. Granting access to a subset of attributes
7.4.6. Allowing a user write to all entries below theirs
7.4.7. Allowing entry creation
7.4.8. Tips for using regular expressions in Access Control
7.4.9. Granting and Denying access based on security strength factors (ssf)
7.4.10. When things aren’t working as expected
7.5. Sets – Granting rights based on relationships
7.5.1. Groups of Groups
7.5.2. Group ACLs without DN syntax
7.5.3. Following references
8. Running slapd
8.1. Command-Line Options
8.2. Starting slapd
8.3. Stopping slapd
9. Database Creation and Maintenance Tools
9.1. Creating a database over LDAP
9.2. Creating a database off-line
9.2.1. The slapadd program
9.2.2. The slapindex program
9.2.3. The slapcat program
9.3. The LDIF text entry format
10. Backends
10.1. Berkeley DB Backends
10.1.1. Overview
10.1.2. back-bdb/back-hdb Configuration
10.1.3. Further Information
10.2. LDAP
10.2.1. Overview
10.2.2. back-ldap Configuration
10.2.3. Further Information
10.3. LDIF
10.3.1. Overview
10.3.2. back-ldif Configuration
10.3.3. Further Information
10.4. Metadirectory
10.4.1. Overview
10.4.2. back-meta Configuration
10.4.3. Further Information
10.5. Monitor
10.5.1. Overview
10.5.2. back-monitor Configuration
10.5.3. Further Information
10.6. Null
10.6.1. Overview
10.6.2. back-null Configuration
10.6.3. Further Information
10.7. Passwd
10.7.1. Overview
10.7.2. back-passwd Configuration
10.7.3. Further Information
10.8. Perl/Shell
10.8.1. Overview
10.8.2. back-perl/back-shell Configuration
10.8.3. Further Information
10.9. Relay
10.9.1. Overview
10.9.2. back-relay Configuration
10.9.3. Further Information
10.10. SQL
10.10.1. Overview
10.10.2. back-sql Configuration
10.10.3. Further Information
11. Overlays
11.1. Access Logging
11.1.1. Overview
11.1.2. Access Logging Configuration
11.1.3. Further Information
11.2. Audit Logging
11.2.1. Overview
11.2.2. Audit Logging Configuration
11.2.3. Further Information
11.3. Chaining
11.3.1. Overview
11.3.2. Chaining Configuration
11.3.3. Handling Chaining Errors
11.3.4. Read-Back of Chained Modifications
11.3.5. Further Information
11.4. Constraints
11.4.1. Overview
11.4.2. Constraint Configuration
11.4.3. Further Information
11.5. Dynamic Directory Services
11.5.1. Overview
11.5.2. Dynamic Directory Service Configuration
11.5.3. Further Information
11.6. Dynamic Groups
11.6.1. Overview
11.6.2. Dynamic Group Configuration
11.7. Dynamic Lists
11.7.1. Overview
11.7.2. Dynamic List Configuration
11.7.3. Further Information
11.8. Reverse Group Membership Maintenance
11.8.1. Overview
11.8.2. Member Of Configuration
11.8.3. Further Information
11.9. The Proxy Cache Engine
11.9.1. Overview
11.9.2. Proxy Cache Configuration
11.9.3. Further Information
11.10. Password Policies
11.10.1. Overview
11.10.2. Password Policy Configuration
11.10.3. Further Information
11.11. Referential Integrity
11.11.1. Overview
11.11.2. Referential Integrity Configuration
11.11.3. Further Information
11.12. Return Code
11.12.1. Overview
11.12.2. Return Code Configuration
11.12.3. Further Information
11.13. Rewrite/Remap
11.13.1. Overview
11.13.2. Rewrite/Remap Configuration
11.13.3. Further Information
11.14. Sync Provider
11.14.1. Overview
11.14.2. Sync Provider Configuration
11.14.3. Further Information
11.15. Translucent Proxy
11.15.1. Overview
11.15.2. Translucent Proxy Configuration
11.15.3. Further Information
11.16. Attribute Uniqueness
11.16.1. Overview
11.16.2. Attribute Uniqueness Configuration
11.16.3. Further Information
11.17. Value Sorting
11.17.1. Overview
11.17.2. Value Sorting Configuration
11.17.3. Further Information
11.18. Overlay Stacking
11.18.1. Overview
11.18.2. Example Scenarios
12. Schema Specification
12.1. Distributed Schema Files
12.2. Extending Schema
12.2.1. Object Identifiers
12.2.2. Naming Elements
12.2.3. Local schema file
12.2.4. Attribute Type Specification
12.2.5. Object Class Specification
12.2.6. OID Macros
13. Security Considerations
13.1. Network Security
13.1.1. Selective Listening
13.1.2. IP Firewall
13.1.3. TCP Wrappers
13.2. Data Integrity and Confidentiality Protection
13.2.1. Security Strength Factors
13.3. Authentication Methods
13.3.1. "simple" method
13.3.2. SASL method
13.4. Password Storage
13.4.1. SSHA password storage scheme
13.4.2. CRYPT password storage scheme
13.4.3. MD5 password storage scheme
13.4.4. SMD5 password storage scheme
13.4.5. SHA password storage scheme
13.4.6. SASL password storage scheme
13.4.7. KERBEROS password storage scheme
13.5. Pass-Through authentication
13.5.1. Configuring slapd to use an authentication provider
13.5.2. Configuring saslauthd
13.5.3. Testing pass-through authentication
14. Using SASL
14.1. SASL Security Considerations
14.2. SASL Authentication
14.2.1. GSSAPI
14.2.2. KERBEROS_V4
14.2.3. DIGEST-MD5
14.2.4. Mapping Authentication Identities
14.2.5. Direct Mapping
14.2.6. Search-based mappings
14.3. SASL Proxy Authorization
14.3.1. Uses of Proxy Authorization
14.3.2. SASL Authorization Identities
14.3.3. Proxy Authorization Rules
15. Using TLS
15.1. TLS Certificates
15.1.1. Server Certificates
15.1.2. Client Certificates
15.2. TLS Configuration
15.2.1. Server Configuration
15.2.2. Client Configuration
16. Constructing a Distributed Directory Service
16.1. Subordinate Knowledge Information
16.2. Superior Knowledge Information
16.3. The ManageDsaIT Control
17. Replication
17.1. Replication Technology
17.1.1. LDAP Sync Replication
17.2. Deployment Alternatives
17.2.1. Delta-syncrepl replication
17.2.2. N-Way Multi-Master replication
17.2.3. MirrorMode replication
17.2.4. Syncrepl Proxy Mode
17.3. Configuring the different replication types
17.3.1. Syncrepl
17.3.2. Delta-syncrepl
17.3.3. N-Way Multi-Master
17.3.4. MirrorMode
17.3.5. Syncrepl Proxy
18. Maintenance
18.1. Directory Backups
18.2. Berkeley DB Logs
18.3. Checkpointing
18.4. Migration
19. Monitoring
19.1. Monitor configuration via cn=config(5)
19.2. Monitor configuration via slapd.conf(5)
19.3. Accessing Monitoring Information
19.4. Monitor Information
19.4.1. Backends
19.4.2. Connections
19.4.3. Databases
19.4.4. Listener
19.4.5. Log
19.4.6. Operations
19.4.7. Overlays
19.4.8. SASL
19.4.9. Statistics
19.4.10. Threads
19.4.11. Time
19.4.12. TLS
19.4.13. Waiters
20. Tuning
20.1. Performance Factors
20.1.1. Memory
20.1.2. Disks
20.1.3. Network Topology
20.1.4. Directory Layout Design
20.1.5. Expected Usage
20.2. Indexes
20.2.1. Understanding how a search works
20.2.2. What to index
20.2.3. Presence indexing
20.3. Logging
20.3.1. What log level to use
20.3.2. What to watch out for
20.3.3. Improving throughput
20.4. Caching
20.4.1. Berkeley DB Cache
20.4.2. slapd(8) Entry Cache (cachesize)
20.4.3. IDL Cache (idlcachesize)
20.4.4. slapd(8) Threads
21. Troubleshooting
21.1. User or Software errors?
21.2. Checklist
21.3. OpenLDAP Bugs
21.4. 3rd party software error
21.5. How to contact the OpenLDAP Project
21.6. How to present your problem
21.7. Debugging slapd(8)
21.8. Commercial Support
เหอะๆ แปลจบก็คง..เทพ LDAP แล้วหล่ะ
