LDAP server with 389ds: Part 5 – Backup
Now that our 389ds instance is fully configured and ready to go, let’s have a look at how to back it up and potentially restore it if a disaster occurs.
Category Archives: Uncategorized
LDAP server with 389ds: Part 4 – Security
In part 3 we’ve looked at ACLs and how to use them to restrict privileges of directory users. Unfortunately it’s still possible to access the 389 Directory Server instance that we’ve created all the way back in part 1 anonymously (i.e. without authenticating as a directory user) which renders the ACLs somewhat pointless. So it’s time to tighten up security… Read more »
LDAP server with 389ds: Part 3 – ACLs
Now that we’ve set up an instance of the 389 Directory Server in part 1 and configured essential plugins in part 2, it’s time to take a closer look at access-control list (ACLs). After all, regular users of the directory shouldn’t be able to change data that they’re not supposed to or have universal read access in most use cases.
LDAP server with 389ds: Part 2 – Quality-of-life plugins
In part 1 we’ve looked at how to install 389 Directory Server and create an instance. While this left us with a fully working LDAP server there are some plugins that greatly increase quality of life and might even be considered essential.
LDAP server with 389ds: Part 1 – Installation
The Lightweight Directory Access Protocol or LDAP for short has been around for quite a while. While more modern technologies like OpenID, OAuth or SAML are often used for authentication and authorisation purposes when it comes to applications, APIs etc. on the internet these days, LDAP is still widely used for various use cases. For same-sign on purposes it is… Read more »
Enabling ‘reserved host RAM’ on VMWare Wokstation Player
VMware’s Workstation Player checks how much swap space is available before starting up any virtual machine. If the host’s available swap space isn’t at lest 50% of the VM’s memory it spits out a warning: VMWare Workstation Player showing error message due to too little swap being available Unfortunately the GUI does not offer an option to change this behavior… Read more »
Mounting a VHD disk image file
On Linux qemu-nbd can be used to access disk images in different formats as if they were block devices. For example, to mount a VHD file run To unmount and disconnect the nbd device run
Converting a disk image to VHD for Azure
Currently the Fedora projects provides cloud images as qcow2 and raw disk files. Microsoft’s Azure however only supports VHD files. Fortunately qemu-img can convert between those formats: Note that the subformat options fixed and force_size are required for Azure to be able to use the disk image since Azure only supports fixed sized disks.
Building a custom Fedora image to run on Google Compute Engine
Thankfully the Fedora Project provides cloud images that can be directly used or easily modified to run on almost any cloud environment. Though sometimes, it can be handy to build your own image.
Running Fedora 27 on Google Compute Engine
Usually Linux distributions with a long life cycle like RHEL (or its free derivative CentOS), Debian or SLES are the way to go for virtual machines in a cloud environment. But sometimes you need to be a little bit closer to upstream. Maybe because your applications relies on newer version of some packages that are not (easily) available on distributions… Read more »