LightLdapd is a small and easy to manage LDAP server for small home/classroom/school sized networks that can include thin clients. It is designed to provide network wide users/groups/etc support to supplement the excellent network dns/dhcp/tftp support provided by dnsmasq.
It uses local PAM and NSS for authentication and to export the local passwd/group/shadow/etc system databases. This means it has no special separate ldap database to manage, and users/groups/etc can be managed normally on the LightLdapd machine. No database setup or ldap management tools are required, it just exports all the local users/groups/etc. Client machines can then use libpam_ldapd and libnss_ldapd to have all the same users/groups/etc as are on the machine where LightLdapd is running.
The code is small, clean and efficient C, leveraging of existing libraries as much as possible. It uses libev for an efficient event loop. It uses asn1c to auto-generate the LDAP message parsing/generating from the ASN.1 spec. It uses libpam for authentication. It is small and efficient enough to run on a router or NAS.
LightLdapd was forked from the excellent entente by Sergey Urbanovich with his blessing. The choice to fork was made in order to leave entente as simple as possible and avoid adding features needed for LightLdapd. Improvements have and will be fed back into entente when they don't increase its size.
The rest of this readme is not finished yet.
| Name | Description |
|---|---|
| README | This file. |
| INSTALL | Installation instructions. |
| COPYING | Copyright and Licencing details. |
| AUTHORS | The main project authors. |
| THANKS | All the project contributors. |
| NEWS | Summary of fixes and changes for each release. |
| TODO | List of outstanding tasks and future plans. |
| ChangeLog | Detailed development change history. |
| doc/ | Contains project documentation. |
| src/ | Contains project source code. |
| tests/ | Contains project unit and functional tests. |
To compile and install:
make make install
Or (for building debian package):
make debian
entente [options]
Or:
/etc/init.d/entente start # config file: /etc/default/entente
| -a | Allow anonymous access. |
| -b basedn | Set the basedn for the ldap server (default: "dc=entente"). |
| -l | Bind to the loopback interface only. |
| -p port | Set local port number (default: 389). |
| -d | Run as a daemon. |
lighttpd.conf:
server.modules += ( "mod_rewrite" )
auth.backend = "ldap"
auth.backend.ldap.hostname = "localhost"
auth.backend.ldap.filter = "(user=$)"
auth.require = (
"/tratata" => (
"method" => "basic",
"realm" => "entente",
"require" => "user=kiki|user=ooki"
),
)
- http:https://github.com/dbaarda/LightLdapd
- The project homepage.
- http:https://minkirri.apana.org.au/wiki/LightLdapd
- An early brainstorming wiki before the github project was created.
File any problems/bugs/suggestions/questions on the github issue tracker.
See DEVELOPMENT for development instructions.
http:https://github.com/dbaarda/LightLdapd