To Do List Bacula and LDAP

April 13th, 2008

If I keep telling myself to do this stuff, eventually I will!* Setup a bacula server and service to regularly back everything up* Setup LDAP for nss on all servers


I want to use this with ldap:

I've followed NSSLDAPSetup on the Debian wiki and I ran into an issue where I had to use:


instead of:

uri ldap://

Cool! I think I got it working. So the very cool part about this is the the 'nss_updatedb ldap passwd" does exactly what I'd hoped it would do. Its not a cache, its a local copy. Cool!

Actually nss_update is only for passwd and group, so that leaves shadow. It is suggested in the nss_updatedb README that libpam_ccreds can be used for that function.

More notes here:

LDAP Notes at Docunext

To-do list: * Improve admin security * Stop using debconf for libnss_ldap.conf and pam_ldap.conf and instead use csync2?* Ensure replication across VPNs


The progress is going well. Migrating additional machines after the first few is quite easy. I'm a little concerned about disconnected access, but I guess if the machine is disconnected, I wouldn't be able to ssh in anyway.

Bacula / Backups

John Goerzen has a great post about the latest and greatest backup utilities:

I've tried duplicity and wasn't thrilled, but dar sounds awesome.

UPDATE April 14, 2008 - I just realized that John Goerzen is the author of offlineimap - that's awsome! I love that program. :-)

This looks pretty good too:

Yearly Indexes: 2003 2004 2006 2007 2008 2009 2010 2011 2012 2013 2015 2019 2020 2022