[ale] Low resource, easy to admin LDAP server
DJ-Pfulio
DJPfulio at jdpfu.com
Fri Dec 23 12:26:36 EST 2016
Thought everyone running SIP had moved to FreePBX or PBX-in-a-box?
Might ask the LDAP question at the AAUG (or browse their list archives).
Those all-in-one SIP distros have everything. I haven't been to a
meeting or been following asterisk since before a Raspberry Pi was
introduced, but people were deploying $200 mini-x86 boxes to handle 50
people in small offices and they felt it was complete overkill. They
did "fork lift" upgrades to reduce downtime. Basically, they never
touched a working system. Did patching+testing on an alternate box and
swapped it in when things looked good.
I bet there is a PBX-specific solution, probably using LDAP with a nice
webGUI. It probably accepts a CVS/LDIF/vcard upload for the directory too.
As for r-pi stuff. Folks are using 16G-1TB laptop disks using a powered
USB hub for both the Pi and the disks. Basically, it makes storage a
non-factor AND they get a stable power source.
I'll make you a deal on a 2-line Snom. ;)
On 12/23/2016 10:41 AM, Alex Carver wrote:
> Might be a bit much for a Raspberry Pi. :) The intent is for populating
> the directory of a few SIP phones at home. The Pi is running Asterisk
> for all the VoIP functions and TFTPd for provisioning the phones so I
> just needed a tiny LDAP to have a direct-dial directory otherwise I have
> to program the phones one at a time manually (there is no remote
> provisioning for the phone's local directory). Unfortunately the phone
> only supports LDAP for its directory function.
>
> On 2016-12-23 05:21, Jim Kinney wrote:
>> Hah, hah. I don't think of hard drive space or package count any more. For me,
>> an application that pulls in 150 dependencies and requires 280 MB when installed
>> is nothing when it's on a system with 6 4TB drives in a RAID6.
>>
>> As I use freeipa at work, it's pretty easy to setup and it includes automatic
>> replication. Since I don't have to do a zillion configuration steps before it
>> runs, that's "lightweight" for me.
>>
>> Yeah. Freeipa is overkill for just storing names and phone numbers. A flat file
>> and a grep search is really light and fast enough up to many hundreds of
>> entries. Slap a tiny perl/python/ruby web front end on it and call it a day.
>>
>> On Dec 22, 2016 10:37 PM, "DJ-Pfulio" <DJPfulio at jdpfu.com
>> <mailto:DJPfulio at jdpfu.com>> wrote:
>>
>> And FreeIPA meets those requirements? Truly?
>> $ sudo apt install freeipa-server
>> Reading package lists... Done
>> Building dependency tree
>> Reading state information... Done
>>
>> The following additional packages will be installed:
>> 389-ds-base 389-ds-base-libs ant ant-optional apache2 apache2-bin
>> apache2-data apache2-utils bind9 bind9-dyndb-ldap bind9utils certmonger
>> custodia dogtag-pki-server-theme fonts-font-awesome freeipa-admintools
>> freeipa-client freeipa-common freeipa-server-dns glassfish-activation
>> ieee-data junit krb5-admin-server krb5-config krb5-kdc krb5-kdc-ldap
>> krb5-pkinit krb5-user ldap-utils libantlr-java libapache-pom-java
>> libapache2-mod-auth-gssapi libapache2-mod-nss libapache2-mod-wsgi libapr1
>> libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libargs4j-java
>> libatinject-jsr330-api-java libatk-wrapper-java libatk-wrapper-java-jni
>> libbasicobjects0 libbsh-java libc-ares2 libclassworlds-java
>> libcodemodel-java libcollection4 libcommons-cli-java libcommons-codec-java
>> libcommons-collections3-java libcommons-dbcp-java
>> libcommons-httpclient-java
>> libcommons-io-java libcommons-lang-java libcommons-logging-java
>> libcommons-net2-java libcommons-parent-java libcommons-pool-java
>> libcurl3-nss libdbd-sqlite3-perl libdbi-perl libdhash1 libdom4j-java
>> libdoxia-core-java libdtd-parser-java libecj-java libexcalibur-logkit-java
>> libfastinfoset-java libgssrpc4 libguava-java libhsm-bin libhttpclient-java
>> libhttpcore-java libini-config5 libipa-hbac0 libirs141 libisorelax-java
>> libistack-commons-java libjackson-json-java libjackson2-annotations-java
>> libjackson2-core-java libjackson2-databind-java
>> libjackson2-dataformat-smile
>> libjackson2-jaxrs-providers-java libjackson2-module-jaxb-annotations-java
>> libjavassist-java libjaxb-api-java libjaxb-java libjaxen-java
>> libjaxp1.3-java libjdom1-java libjettison-java libjing-java
>> libjoda-convert-java libjoda-time-java libjs-dojo-core libjs-dojo-dijit
>> libjs-dojo-dojox libjsch-java libjsoup-java libjsr305-java
>> libjsr311-api-java libjss-java libkadm5clnt-mit9 libkadm5srv-mit9
>> libkdb5-8
>> libkrad0 libldap-java libldns1 liblog4j1.2-java
>> libmaven-file-management-java libmaven-shared-io-java libmaven2-core-java
>> libmozilla-ldap-perl libmsv-java libnetaddr-ip-perl libnss-sss libnss3-1d
>> libnss3-tools libnuxwdog-java libnuxwdog0 liboro-java libpam-pwquality
>> libpam-sss libpath-utils1 libperl4-corelibs-perl
>> libplexus-ant-factory-java
>> libplexus-archiver-java libplexus-bsh-factory-java libplexus-cipher-java
>> libplexus-classworlds-java libplexus-container-default-java
>> libplexus-containers-java libplexus-interactivity-api-java
>> libplexus-interpolation-java libplexus-io-java
>> libplexus-sec-dispatcher-java
>> libplexus-utils-java libref-array1 librelaxng-datatype-java
>> librelaxngcc-java libresteasy-java librngom-java
>> libsasl2-modules-gssapi-mit
>> libsaxon-java libsaxonhe-java libscannotation-java libservlet2.5-java
>> libservlet3.0-java libslf4j-java libsocket-getaddrinfo-perl
>> libsocket6-perl
>> libsofthsm2 libsss-idmap0 libsss-nss-idmap0 libsss-sudo libstax-ex-java
>> libstax-java libstreambuffer-java libsvrcore0 libtomcat7-java
>> libtomcat8-java libtomcatjss-java libtxw2-java libverto-libevent1
>> libverto1
>> libwagon-java libwerken.xpath-java libxalan2-java libxbean-java
>> libxerces2-java libxml-commons-external-java
>> libxml-commons-resolver1.1-java
>> libxmlrpc-core-c3 libxom-java libxpp2-java libxpp3-java libxsom-java
>> libyaml-snake-java memcached oddjob oddjob-mkhomedir opendnssec
>> opendnssec-common opendnssec-enforcer opendnssec-enforcer-sqlite3
>> opendnssec-signer pki-base pki-ca pki-kra pki-server pki-tools python-cffi
>> python-cffi-backend python-cryptography python-custodia python-dateutil
>> python-decorator python-dnspython python-enum34 python-gssapi python-idna
>> python-ipaclient python-ipaddress python-ipalib python-ipaserver
>> python-jwcrypto python-kdcproxy python-ldap python-libipa-hbac
>> python-libsss-nss-idmap python-memcache python-netaddr python-nss
>> python-ply
>> python-pyasn1 python-pycparser python-qrcode python-selinux
>> python-setuptools python-sss python-systemd python-usb python-yubico
>> slapi-nis softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common
>> sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy tomcat7-common
>> tomcat7-user velocity
>> Suggested packages:
>> ant-doc ant-gcj default-jdk | java-compiler | java-sdk ant-optional-gcj
>> antlr javacc jython libbcel-java libbsf-java libcommons-net-java
>> libgnumail-java libjdepend-java libregexp-java apache2-doc
>> apache2-suexec-pristine | apache2-suexec-custom bind9-doc libpam-krb5
>> junit-doc openbsd-inetd | inet-superserver opensc
>> libatinject-jsr330-api-java-doc libclassworlds-java-doc
>> libcommons-collections3-java-doc libcommons-dbcp-java-doc
>> libgeronimo-jta-1.1-spec-java libcommons-httpclient-java-doc
>> libcommons-io-java-doc libcommons-lang-java-doc libavalon-framework-java
>> libcommons-logging-java-doc libcommons-net2-java-doc libclone-perl
>> libmldbm-perl libnet-daemon-perl libsql-statement-perl libdom4j-java-doc
>> libdtd-parser-java-doc ecj libecj-java-gcj krb5-doc
>> libjackson-json-java-doc
>> libjackson2-annotations-java-doc libjackson2-core-java-doc
>> libjackson2-databind-java-doc libjackson2-dataformat-smile-doc
>> libjaxp1.3-java-gcj libjdom1-java-doc libjoda-convert-java-doc
>> libjoda-time-java-doc libjsoup-java-doc libjsr305-java-doc
>> liblog4j1.2-java-doc libmaven-file-management-java-doc
>> libmaven-shared-io-java-doc libplexus-cipher-java-doc
>> libplexus-classworlds-java-doc libplexus-container-default-java-doc
>> libplexus-interactivity-api-java-doc libplexus-interpolation-java-doc
>> libplexus-sec-dispatcher-java-doc libplexus-utils-java-doc
>> libsaxon-java-doc
>> libstax-java-doc tomcat7 tomcat8 libwagon-java-doc libxalan2-java-doc
>> libxsltc-java groovy2 libequinox-osgi-java libosgi-compendium-java
>> libosgi-core-java libqdox-java libspring-beans-java libspring-context-java
>> libspring-core-java libspring-web-java libxerces2-java-doc
>> libxerces2-java-gcj libxml-commons-resolver1.1-java-doc libxom-java-doc
>> libcache-memcached-perl libmemcached libyaml-perl libterm-readkey-perl
>> opendnssec-doc python-dev python-cryptography-doc
>> python-cryptography-vectors python-enum34-doc python-ldap-doc ipython
>> python-netaddr-docs python-ply-doc doc-base python-setuptools-doc
>> sssd-tools
>> libsasl2-modules-ldap tomcat7-docs tomcat7-admin tomcat7-examples
>> velocity-doc
>> The following NEW packages will be installed:
>> 389-ds-base 389-ds-base-libs ant ant-optional apache2 apache2-bin
>> apache2-data apache2-utils bind9 bind9-dyndb-ldap bind9utils certmonger
>> custodia dogtag-pki-server-theme fonts-font-awesome freeipa-admintools
>> freeipa-client freeipa-common freeipa-server freeipa-server-dns
>> glassfish-activation ieee-data junit krb5-admin-server krb5-config
>> krb5-kdc
>> krb5-kdc-ldap krb5-pkinit krb5-user ldap-utils libantlr-java
>> libapache-pom-java libapache2-mod-auth-gssapi libapache2-mod-nss
>> libapache2-mod-wsgi libapr1 libaprutil1 libaprutil1-dbd-sqlite3
>> libaprutil1-ldap libargs4j-java libatinject-jsr330-api-java
>> libatk-wrapper-java libatk-wrapper-java-jni libbasicobjects0 libbsh-java
>> libc-ares2 libclassworlds-java libcodemodel-java libcollection4
>> libcommons-cli-java libcommons-codec-java libcommons-collections3-java
>> libcommons-dbcp-java libcommons-httpclient-java libcommons-io-java
>> libcommons-lang-java libcommons-logging-java libcommons-net2-java
>> libcommons-parent-java libcommons-pool-java libcurl3-nss
>> libdbd-sqlite3-perl
>> libdbi-perl libdhash1 libdom4j-java libdoxia-core-java libdtd-parser-java
>> libecj-java libexcalibur-logkit-java libfastinfoset-java libgssrpc4
>> libguava-java libhsm-bin libhttpclient-java libhttpcore-java
>> libini-config5
>> libipa-hbac0 libirs141 libisorelax-java libistack-commons-java
>> libjackson-json-java libjackson2-annotations-java libjackson2-core-java
>> libjackson2-databind-java libjackson2-dataformat-smile
>> libjackson2-jaxrs-providers-java libjackson2-module-jaxb-annotations-java
>> libjavassist-java libjaxb-api-java libjaxb-java libjaxen-java
>> libjaxp1.3-java libjdom1-java libjettison-java libjing-java
>> libjoda-convert-java libjoda-time-java libjs-dojo-core libjs-dojo-dijit
>> libjs-dojo-dojox libjsch-java libjsoup-java libjsr305-java
>> libjsr311-api-java libjss-java libkadm5clnt-mit9 libkadm5srv-mit9
>> libkdb5-8
>> libkrad0 libldap-java libldns1 liblog4j1.2-java
>> libmaven-file-management-java libmaven-shared-io-java libmaven2-core-java
>> libmozilla-ldap-perl libmsv-java libnetaddr-ip-perl libnss-sss libnss3-1d
>> libnss3-tools libnuxwdog-java libnuxwdog0 liboro-java libpam-pwquality
>> libpam-sss libpath-utils1 libperl4-corelibs-perl
>> libplexus-ant-factory-java
>> libplexus-archiver-java libplexus-bsh-factory-java libplexus-cipher-java
>> libplexus-classworlds-java libplexus-container-default-java
>> libplexus-containers-java libplexus-interactivity-api-java
>> libplexus-interpolation-java libplexus-io-java
>> libplexus-sec-dispatcher-java
>> libplexus-utils-java libref-array1 librelaxng-datatype-java
>> librelaxngcc-java libresteasy-java librngom-java
>> libsasl2-modules-gssapi-mit
>> libsaxon-java libsaxonhe-java libscannotation-java libservlet2.5-java
>> libservlet3.0-java libslf4j-java libsocket-getaddrinfo-perl
>> libsocket6-perl
>> libsofthsm2 libsss-idmap0 libsss-nss-idmap0 libsss-sudo libstax-ex-java
>> libstax-java libstreambuffer-java libsvrcore0 libtomcat7-java
>> libtomcat8-java libtomcatjss-java libtxw2-java libverto-libevent1
>> libverto1
>> libwagon-java libwerken.xpath-java libxalan2-java libxbean-java
>> libxerces2-java libxml-commons-external-java
>> libxml-commons-resolver1.1-java
>> libxmlrpc-core-c3 libxom-java libxpp2-java libxpp3-java libxsom-java
>> libyaml-snake-java memcached oddjob oddjob-mkhomedir opendnssec
>> opendnssec-common opendnssec-enforcer opendnssec-enforcer-sqlite3
>> opendnssec-signer pki-base pki-ca pki-kra pki-server pki-tools python-cffi
>> python-cffi-backend python-cryptography python-custodia python-dateutil
>> python-decorator python-dnspython python-enum34 python-gssapi python-idna
>> python-ipaclient python-ipaddress python-ipalib python-ipaserver
>> python-jwcrypto python-kdcproxy python-ldap python-libipa-hbac
>> python-libsss-nss-idmap python-memcache python-netaddr python-nss
>> python-ply
>> python-pyasn1 python-pycparser python-qrcode python-selinux
>> python-setuptools python-sss python-systemd python-usb python-yubico
>> slapi-nis softhsm2 softhsm2-common sssd sssd-ad sssd-ad-common sssd-common
>> sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy tomcat7-common
>> tomcat7-user velocity
>> 0 upgraded, 241 newly installed, 0 to remove and 13 not upgraded.
>> Need to get 71.3 MB of archives.
>> After this operation, 169 MB of additional disk space will be used.
>> Do you want to continue? [Y/n] N
>>
>> NNNNNNNNNNNNNNNNNNNNNNN!!!!!!!!!!
>>
>>
>> Light? Nope.
>>
>>
>>
>>
>> On 12/22/2016 10:10 PM, Jim Kinney wrote:
>> > Hmm. You could do this in freeipa. It has a phone number field by
>> > default. Plus a web gui that's easy. Create users but don't allow them
>> > access to a machine.
>> >
>> > On Dec 22, 2016 7:17 PM, "Alex Carver" <agcarver+ale at acarver.net
>> <mailto:agcarver%2Bale at acarver.net>
>> > <mailto:agcarver%2Bale at acarver.net
>> <mailto:agcarver%252Bale at acarver.net>>> wrote:
>> >
>> > Need some recommendations for a very low resource LDAP server that is
>> > easy to configure/administer.
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org <mailto:Ale at ale.org>
>> http://mail.ale.org/mailman/listinfo/ale
>> <http://mail.ale.org/mailman/listinfo/ale>
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo <http://mail.ale.org/mailman/listinfo>
>>
>>
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
--
Got Linux? Used on smartphones, tablets, desktop computers, media
centers, and servers by kids, Moms, Dads, grandparents and IT
professionals.
More information about the Ale
mailing list