--- /dev/null
+---- Changes since 1.380 ----
+First version of this module, for configuring the OpenLDAP server and managing its database.
--- /dev/null
+<header>LDAP Access Control</header>
+
+By default, an LDAP server allows any client that can connect to read all
+objects and attributes in the database. However, only the administrative user
+can perform updates. This may not be ideal for networks that have users with
+different levels of trust though, so OpenLDAP allows you to grant varying
+access levels to different users on different parts of the database. <p>
+
+This page lists all access controls rules currently defined, if any. To create a
+new one, click the <b>Add a new access control rule</b> link. To remove several
+rules at once, check the boxes next to them and hit the <b>Delete Selected
+Rules</b> button. To change the ordering of rules, use the up and down arrows
+on the right-hand side of the table. <p>
+
+As with most other LDAP server configuration changes, access control rules will
+not take effect until the <b>Apply Configuration</b> button is clicked on the
+module's main page. <p>
+
+<footer>
+
--- /dev/null
+<header>LDAP Server</header>
+
+This module allows you to configure the OpenLDAP directory server, and manage
+objects in its database. Assuming that you have the LDAP server installed on
+the same system as Webmin, the main page will show icons for editing the
+server configuration and managing the database. If the module is configured to
+talk to a remote LDAP server, it will instead only show icons for accessing
+the database. <p>
+
+You can control whether it uses a local or remote server by clicking on the
+<b>Module Config</b> link. Only when managing a local server will pages
+be available to edit configuration files and stop, start and restart the
+OpenLDAP server process. <p>
+
+If you are looking for a way to manage Unix users and groups in your LDAP
+database, try the <b>LDAP Users and Groups</b> module under the Webmin
+<b>System</b> category instead. To configure a system to fetch users and groups
+from a local or remote LDAP server, use the <b>LDAP Client</b> module, also
+under the <b>System</b> category. <p>
+
+<footer>
+
--- /dev/null
+<header>Manage Schema</header>
+
+The LDAP schema determines which object classes and attributes can be stored in
+your LDAP database. This page allows you to select which schema types are
+supported by your server, using the checkbox next to each schema file name.
+Once you have made changes, click <b>Save</b> to update the OpenLDAP
+configuration file, then <b>Apply Configuration</b> on the main page to
+activate them. <p>
+
+Be careful de-selecting existing schema files though, as this may break your
+LDAP server if objects already exist in the database using the attributes
+defined in those files. The <b>core</b> schema which contains the most basic
+LDAP classes cannot be de-selected. <p>
+
+The ordering of schemas is important, as later schemas can only refer to
+attributes defined previously. You can re-order the list using the up and down
+arrows on this page, but again this should be done with care for existing
+schemas in order to avoid breaking the LDAP database. <p>
+
+To see what classes and attributes a schema defines, click on it's <b>View</b>
+link. If you are familiar with the schema format and want to edit a file,
+click <b>Edit</b> instead. <p>
+
+<footer>
+
--- /dev/null
+<header>OpenLDAP Server Configuration</header>
+
+This page allows you to configure global settings for your OpenLDAP server,
+such as the root DN for the database, administration login, cache sizes
+and SSL certificates. The most commonly changed fields are :
+
+<dl>
+<dt><b>Root DN for LDAP database</b>
+<dd>This field is for entering the DN (distinguished name) under which all
+ objects in your LDAP database must be stored. Typically it should be changed
+ to something matching your company or organization's name, like
+ <i>dc=yourcompany,dc=com</i>. But you are free to enter anything as long
+ as it is correctly formatted. <p>
+
+<dt><b>Administration login DN</b>
+<dd>This is effectively the <tt>root</tt> user for your LDAP database. It should
+ be a DN under your root set in the above field, like
+ <i>cn=Manager,dc=yourcompany,dc=com</i>. <p>
+
+<dt><b>Administration password</b>
+<dd>This field shows the current password (possibly encrypted), and an option
+ to enter a new one. If you change the password, the module will use it
+ automatically when connecting to the database to make changes. <p>
+
+</dl>
+
+Any changes made on this page will not take effect until the <b>Apply
+Configuration</b> button is clicked on the module's main page. <p>
+
+If you want your LDAP server to accept TLS encrypted connections, you must first
+generate an SSL certificate and public key. This can be mostly automated by
+clicking the <b>Generate SSL Certificate</b> button at the bottom of the page.
+<p>
+
+<footer>
+
desc=LDAP Server
longdesc=Manage the OpenLDAP server and objects in its database
category=servers
+perldepends=Net::LDAP
projects / webmin.git / commitdiff