Directory Implementation
In order to support different directories, a driver-based architecture was implemented for ClearOS directory services. In addition, the directory was split into two distinct layers:
Base Layer
- Base LDAP functionality
Application Layer
- Accounts (Users and Groups)
- Central Management
Base Layer
The base layer provides a generic API for a basic LDAP server. The API provides methods such as:
- LDAP.get_base_dn()
- LDAP.get_bind_dn()
- LDAP.is_initialized()
Using a generic API, a developer does not need to concern themselves with the underlying details. The method calls could be talking to an OpenLDAP server, a Samba 4 Directory server, or any other valid ClearOS LDAP driver.
The ldap ClearOS App provides the skeleton framework, while the openldap ClearOS App provides the OpenLDAP driver: /usr/clearos/apps/openldap/libraries/LDAP_Driver.php. In the future, the Samba Directory / Samba 4 driver will also be available. Support for other LDAP servers can also be implemented.
Application Layer
Though Users and Groups are certainly common in directory servers, other applications often use directories for other tasks. for example internal DNS server records. In ClearOS, the Central Management tool will use LDAP in part of the implementation.
Accounts - Users and Groups
The Accounts (Users and Groups) layer also uses a driver-based architecture. The API provides methods such as:
- User.add()
- User.delete()
- User.set_password()
- User_Manager.get_list()
- Group.add()
- Group.add_member()
- Group_Manager.get_group_memberships()
In ClearOS Enterprise 6, two drivers implement the Accounts layer:
- OpenLDAP (app-openldap-directory)
- Active Directory (app-active-directory)