We don’t have to throw the baby out with the bathwater. RBAC has many good aspects that we’d like to preserve. It’s standards-based, meaning various implementations should interoperate. It works, and is already in place, pretty much everywhere. But we’d like to be able to sprinkle in a bit of context, allowing us to fix the role explosion problem, without breaking its interoperability, or bringing in another implementation, with yet another protocol.
389-ds and Red Hat Directory Server are being touted as Red Hat’s LDAP server solutions on future versions of their OS, but the fine print has some surprises.
This post describes how Apache Fortress and OpenLDAP can be placed into a highly-available configuration. Apache Fortress provides Identity and Access Management APIs over HTTP using either JSON or REST formats. OpenLDAP is where the data is stored and maintained.
This document describes how to setup a VIP (Virtual IP Address) over 2 servers (fortress1 and fortress2). The concepts should work on any platform but were tailored for Redhat7.
This document describes the preparation of two OpenLDAP server instances, each running on separate machines, into a multi-master configuration, suited for Apache Fortress.
Directory Information Tree (DIT) Layout. This is step 2 of a 3 step process.
This is step 3 of a 3 step process to create a High-Available configuration between Apache Fortress and Symas OpenLDAP.
50% of networks and websites that aren’t using 2FA are open to shared-password attacks. Is yours one of them? How many of the users in your network use the same password on external sites with questionable security? Ondrej Kuznik offers insight on how OpenLDAP users can implement 2FA today. Click to learn how.
Passwords, everyone loves to hate them and still, in the era of digital certificates, fingerprints, and voice recognition, we use them on a daily basis and want users to memorize tens of different complex passwords. So they cheat and passwords get reused, written down on a piece of paper, you name it. Not that service providers always get this right either.
Symas corporation to now offer OpenLDAP for Linux Support Packages for any 3rd party distribution. Click to learn more.
Through the years that followed, despite university staff turnover and other changes, they have retained Symas to provide “additional brain power,” staff training and software maintenance.