README (revision 87)


mod_ldap v2.8.21
================

mod_ldap is a module that allows proftpd to do user authentication and
name/UID lookups against an LDAP database.

**Please note:** Read the CHANGES section below for mod_ldap v2.8 changes;
some significant changes have been made. Do *NOT* upgrade to mod_ldap v2.8
or later before reading the CHANGES section.

Sections:
1. Author
2. How do I set up mod_ldap?
3. Changes
4. To Do
5. Thanks


=========
1. Author
=========

John Morrissey, <jwm@horde.net>, http://horde.net/~jwm/software/mod_ldap/.
Feedback is much appreciated. If you're using mod_ldap successfully, are
having problems getting mod_ldap up and running at your site, or have some
code improvements or ideas for development, please let me know!


============================
2. How do I set up mod_ldap?
============================

If you are using a version of mod_ldap included with a ProFTPD release,
you can simply:

* tar xvzf proftpd-version.tar.gz
* If you wish to use a newer version of mod_ldap that is not yet included
  with a release version of ProFTPD, download the file mod_ldap.c and say:

    cp -f mod_ldap.c proftpd-version/contrib

* cd proftpd-version
* ./configure --with-modules=mod_ldap
* make
* make install
* If your LDAP server runs OpenLDAP 1.x, you need to add schema definitions. 
  Add the contents of posixAccount-objectclass to your slapd.oc.conf and
  restart your LDAP server. If you plan on using mod_ldap for group lookups,
  also add the contents of posixGroup-objectclass. OpenLDAP 2.x (and most
  other LDAP servers) ship with these schema predefined.
* The 'user-ldif' file contains a sample user ldif. Modify it to your liking
  and say ldapadd -D your-root-dn -w your-root-dn-password < ldif
* You are *strongly* encouraged to read up on the LDAP config-file
  directives in proftpd-version/doc/Configuration.html. At bare minimum,
  you'll need to have LDAPServer, LDAPDNInfo, and LDAPDoAuth configuration
  directives in your proftpd.conf.

  A set of basic mod_ldap configuration directives would look like:

    LDAPServer            localhost
    LDAPDNInfo            cn=your-dn,dc=example,dc=com dnpass
    LDAPDoAuth            on "dc=users,dc=example,dc=com"

  Of course, you will need to update these configuration directives with
  the proper values for your environment.

==========
3. Changes
==========

Please see the CHANGES file.


========
4. To Do
========

* Debugging information needs to be significantly improved. Currently, error
  messages (with the complete LDAP error message) are logged for any
  failures, but it would be nice to have extended debugging information.
* shadowAccount objectclass stuff - inactive, expiration, etc - Is there
  any demand for this? It's been months since I've heard anyone express
  interest.


=========
5. Thanks
=========

* Everyone listed in mod_ldap.c for contributing code.

* James (james at wwnet dot net) for a copy of his LDAP module that he never
  released
* Krzysztof Dabrowski (brush at pol dot pl) for some big virtual-user ideas
* Peter Deacon (peterd at iea-software dot com) for ideas 
* Peter Fabian (fabian at staff dot matavnet dot hu) for ideas and a tested
  platform
* Justin Hahn (jeh at profitlogic dot com) for good ideas and debate
* Ralf Kruedewagen (Ralf dot Kruedewagen at meocom dot de) for a tested
  platform
* Steve Luzynski (steve at uniteone dot net) for extra help/testing/feedback
* Scott Murphy (smurphy at berbee dot com) for a trouble report 
* Marcin Obara for lots of testing
* Miguel Barreiro Paz (mbpaz at edu dot aytolacoruna dot es) for a supported
  platform and new supported LDAP server
* Everyone else who has sent feedback, bug reports, feature requests,
  and ideas.

Loggerhead 1.17 is a web-based interface for Bazaar branches

Line	Revision	Contents
1	83	mod_ldap v2.8.21
2	17	================
3	4
4		mod_ldap is a module that allows proftpd to do user authentication and
5		name/UID lookups against an LDAP database.
6
7	13	Please note: Read the CHANGES section below for mod_ldap v2.8 changes;
8		some significant changes have been made. Do NOT upgrade to mod_ldap v2.8
9	16	or later before reading the CHANGES section.
10	4
11		Sections:
12	13	1. Author
13		2. How do I set up mod_ldap?
14	15	3. Changes
15	13	4. To Do
16		5. Thanks
17
18
19		=========
20		1. Author
21		=========
22
23		John Morrissey, <jwm@horde.net>, http://horde.net/~jwm/software/mod_ldap/.
24		Feedback is much appreciated. If you're using mod_ldap successfully, are
25		having problems getting mod_ldap up and running at your site, or have some
26		code improvements or ideas for development, please let me know!
27	36
28	4
29		============================
30	13	2. How do I set up mod_ldap?
31	4	============================
32
33	10	If you are using a version of mod_ldap included with a ProFTPD release,
34		you can simply:
35
36	13	* tar xvzf proftpd-version.tar.gz
37		* If you wish to use a newer version of mod_ldap that is not yet included
38		with a release version of ProFTPD, download the file mod_ldap.c and say:
39
40		cp -f mod_ldap.c proftpd-version/contrib
41
42		* cd proftpd-version
43		* ./configure --with-modules=mod_ldap
44		* make
45		* make install
46		* If your LDAP server runs OpenLDAP 1.x, you need to add schema definitions.
47		Add the contents of posixAccount-objectclass to your slapd.oc.conf and
48		restart your LDAP server. If you plan on using mod_ldap for group lookups,
49		also add the contents of posixGroup-objectclass. OpenLDAP 2.x (and most
50		other LDAP servers) ship with these schema predefined.
51		* The 'user-ldif' file contains a sample user ldif. Modify it to your liking
52		and say ldapadd -D your-root-dn -w your-root-dn-password < ldif
53		* You are strongly encouraged to read up on the LDAP config-file
54		directives in proftpd-version/doc/Configuration.html. At bare minimum,
55		you'll need to have LDAPServer, LDAPDNInfo, and LDAPDoAuth configuration
56		directives in your proftpd.conf.
57
58		A set of basic mod_ldap configuration directives would look like:
59	10
60		LDAPServer localhost
61	13	LDAPDNInfo cn=your-dn,dc=example,dc=com dnpass
62		LDAPDoAuth on "dc=users,dc=example,dc=com"
63
64		Of course, you will need to update these configuration directives with
65		the proper values for your environment.
66
67	15	==========
68		3. Changes
69		==========
70
71		Please see the CHANGES file.
72	13
73	36
74	13	========
75		4. To Do
76		========
77
78		* Debugging information needs to be significantly improved. Currently, error
79		messages (with the complete LDAP error message) are logged for any
80		failures, but it would be nice to have extended debugging information.
81		* shadowAccount objectclass stuff - inactive, expiration, etc - Is there
82		any demand for this? It's been months since I've heard anyone express
83		interest.
84	36
85	13
86		=========
87		5. Thanks
88		=========
89
90		* Everyone listed in mod_ldap.c for contributing code.
91
92		* James (james at wwnet dot net) for a copy of his LDAP module that he never
93		released
94		* Krzysztof Dabrowski (brush at pol dot pl) for some big virtual-user ideas
95		* Peter Deacon (peterd at iea-software dot com) for ideas
96		* Peter Fabian (fabian at staff dot matavnet dot hu) for ideas and a tested
97		platform
98		* Justin Hahn (jeh at profitlogic dot com) for good ideas and debate
99		* Ralf Kruedewagen (Ralf dot Kruedewagen at meocom dot de) for a tested
100		platform
101		* Steve Luzynski (steve at uniteone dot net) for extra help/testing/feedback
102		* Scott Murphy (smurphy at berbee dot com) for a trouble report
103		* Marcin Obara for lots of testing
104		* Miguel Barreiro Paz (mbpaz at edu dot aytolacoruna dot es) for a supported
105		platform and new supported LDAP server
106		* Everyone else who has sent feedback, bug reports, feature requests,
107		and ideas.