LDAP stands for Lightweight Directory Access Protocol.
For authentication, three options are in common use: the RADIUS protocol, Active Directory, and LDAP.

A RADIUS server and an AD server are both authentication servers that hold user information, right?
Is LDAP the same?
Yes, think of it that way. With RADIUS, RADIUS is the protocol and the authentication server is called a RADIUS server. LDAP is the same: LDAP is a protocol, but "LDAP server" refers to an authentication server that holds user information.
Note: AD uses protocols such as NTLMv2.

How do you choose between a RADIUS server and an LDAP server?
RADIUS is used for user authentication such as remote access from outside and wireless LAN authentication. An LDAP server, on the other hand, is used for directory services. Because it is a directory service, it can manage a large amount of information, such as employee information organized in a hierarchy, departments, and access rights. LDAP servers and the LDAP protocol are used when such complex employee attribute information has to be managed.
Let's look at a past exam question (H22 Autumn SC, Afternoon II, Question 2).

  The LDAP account information uses a standard [ b ] that manages information about the organization's users through object classes such as inetOrgPerson. For example, when the LDAP account information that Mr. Suzuki Taro of the Product Development Department uses in-house is shown in text form using [ c ], the result is Figure 7.

The blanks are filled in as follows.
b  schema
c  LDIF

Is LDAP communication encrypted?
No, it is not encrypted, so LDAP over TLS is used to encrypt it.
Let's look at a past exam question (H21 Spring SC, Morning II).

  Q10. Which of the following statements about encrypting communications is appropriate?
  ア In IPsec transport mode, messages are encrypted not only on the path between gateways but over the entire path between the sending host and the receiving host.
  イ When an LDAP client connects to an LDAP server, the content of the communication cannot be encrypted.
  ウ E-mail encrypted with S/MIME can be read as plaintext by the mail administrator while it is stored on the receiving mail server.
  エ When SSL is used, whether the browser caches an encrypted HTML document cannot be configured, and the document is always saved to disk.

=> The correct answer is ア.
As for イ, the communication can be encrypted by using LDAP over TLS.
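What "not encrypted" means on the wire, as an added example that is not part of the original page: a small BER parser that classifies client-to-server payloads and reports simple binds whose password was sent in the clear, which is the case LDAP over TLS prevents. The DN, password and payload bytes are constructed samples, and the function names are illustrative.

```python
# Added example (not from the original page): find cleartext LDAP simple binds.
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # StartTLS extended operation, RFC 4511
def read_tlv(buf, pos):
    """Decode one BER element at pos; return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]     # IndexError if the header is cut off
    pos += 2
    if length & 0x80:                        # long form: low 7 bits count the length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def classify(payload):
    """Describe one client-to-server payload; the password itself is never returned."""
    try:
        tag, body, _ = read_tlv(payload, 0)
        if tag != 0x30:                      # LDAPMessage is a SEQUENCE; TLS records start 0x14-0x17
            return {"op": "not-ldap"}
        _, _, pos = read_tlv(body, 0)        # messageID
        op_tag, op, _ = read_tlv(body, pos)  # protocolOp
        if op_tag == 0x60:                   # [APPLICATION 0] BindRequest
            _, _, p = read_tlv(op, 0)        # version
            _, dn, p = read_tlv(op, p)       # bind DN
            auth_tag, cred, _ = read_tlv(op, p)
            simple = auth_tag == 0x80        # [0] simple: credential is the raw password
            return {"op": "bind", "auth": "simple" if simple else "non-simple",
                    "dn": dn.decode("utf-8", "replace"),
                    "password_len": len(cred) if simple else None}
        if op_tag == 0x77:                   # [APPLICATION 23] ExtendedRequest
            _, oid, _ = read_tlv(op, 0)      # [0] requestName
            return {"op": "starttls" if oid == STARTTLS_OID else "extended"}
        return {"op": "other"}
    except (ValueError, IndexError):         # truncated or not BER at all
        return {"op": "not-ldap"}

def cleartext_binds(payloads):
    """Return the bind DNs whose password crossed the wire unencrypted."""
    hits = (classify(p) for p in payloads)
    return [h["dn"] for h in hits if h.get("auth") == "simple" and h["password_len"]]

# Constructed sample payloads (not a real capture); tlv() builds short-form elements.
def tlv(tag, value): return bytes([tag, len(value)]) + value
DN = b"uid=suzuki,ou=dev,dc=example,dc=com"
BIND_OP = tlv(0x02, b"\x03") + tlv(0x04, DN) + tlv(0x80, b"constructed-pw")
BIND = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x60, BIND_OP))
STARTTLS = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x77, tlv(0x80, STARTTLS_OID)))
TLS_RECORD = bytes.fromhex("160303002a") + bytes(42)  # what follows StartTLS on the wire
```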
Copyright (C) 2011- nw.seeeko.com Network Specialist - せーこのつるぎ -