1. Before We Start 
2. Install 
First we will configure our make flags and install our base packages. We will also cover other packages you might want to install in order to use optional tools.

3. Basic Setup 
Second we will configure a basic insecure environment. This simplifies testing and hammering out config issues in the necessary components, and lets us confirm that all of them are functioning properly before we attempt any further security.

4. Basic Evaluation 
In this section we will evaluate the basic setup, testing various portions to confirm functionality. Tests will include: local system checks, user creation, joining workstations, profiles, home directories, etc.

5. Security Upgrade 
In this section we will look at ways we can increase security in our LDAP PDC. Improvements will include: permissions of critical files, creation of SSL certificates, modification of config files to use SSL or TLS, and application of access controls to slapd in order to limit default read access.

6. Security Evaluation 
In this section we will evaluate our new secure LDAP PDC. By and large, the same tests will be repeated as in the Basic Evaluation, along with some that explicitly test SSL and TLS. We also change the account we use to contact the LDAP server so we don't need to use our rootdn all the time.
7. Performance Tuning 
8. Migration 
9. Admin Tools 
10. Complete Config Listings 
11. References 


After poring over countless HOW-TOs that almost describe what you want but don't go all the way, or finding out that one thing another HOW-TO wants to do is wrong, I've decided to go it alone, and help others.


After completing this walkthrough you should expect to have a configured and running LDAP enabled Samba driven Primary Domain Controller.


This HowTo expects you to have a working Gentoo installation and familiarity with the Command Line Interface (CLI) and a Linux text editor. Your exact system hardware configuration should not affect the course of this HowTo, but you never know.

Test Box

Your hardware may vary, so your system configuration may differ from mine. Here is my /etc/make.conf. I've built the system with the default (2.6) profiles from 2005.1 and 2005.1-r1.


-O2 -march=i686




Note: -j3 is intended for dual-processor systems; -j2 should be used for single-processor systems.


-X -alsa -apm acl apache2 cscope hardened hardenedphp innodb -ipv6 
kerberos ldap maildir mbox mime mmx mysql mysqli ncurses samba 
sockets socks5 spell threads vhosts

