[kwlug-disc] LDAP Integration question.
L.D. Paniak
ldpaniak at fourpisolutions.com
Fri Feb 7 12:27:45 EST 2014
I am cleaning up my slides and adding some of the demo info to them. I
should have them posted in the near future.
On 02/07/2014 11:39 AM, Chamunks Arkturus wrote:
> Thanks Joe I'll look into ansible. Laurie would you happen to have
> your slides from the presentation? I'm a little upset that I couldn't
> make it for the last meet.
>
>
> On Fri, Feb 7, 2014 at 9:56 AM, L.D. Paniak
> <ldpaniak at fourpisolutions.com <mailto:ldpaniak at fourpisolutions.com>>
> wrote:
>
> For managing user, groups and account permissions of authenticated web
> services, I have had success using Samba4 with Windows tools. Use the
> Active Directory structures you set up in Samba4 to mange the backend
> and have your web services query the AD controller via LDAP for
> permissions when a user logs in. It will probably take some work to
> rationalize the structure of your domain, but administration afterward
> should be reduced to a secretarial task.
>
>
> On 02/07/2014 08:14 AM, Joe Wennechuk wrote:
> > Sounds to me like LDAP is not what you want. If you are
> administering several servers there are good tools. I am most
> familiar with ansible, and I love it.
> >
> >
> http://www.infoworld.com/d/data-center/review-puppet-vs-chef-vs-ansible-vs-salt-231308
> >
> >
> > ________________________________
> >> Date: Fri, 7 Feb 2014 03:11:00 -0500
> >> From: chamunks at gmail.com <mailto:chamunks at gmail.com>
> >> To: kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
> >> Subject: [kwlug-disc] LDAP Integration question.
> >>
> >> I have been growing a bit of a web community over this past year
> >> learning an awful lot about systems administration. This
> process has
> >> lead me to learn that giving a little can get you a lot. This said
> >> I've ended up with a bit of a dilema. I have this massively complex
> >> network of different services and servers here and there that
> require
> >> maintenance and security and all to be updated as well. So in my
> >> attempt to not only cater to the opensource community
> surrounding the
> >> game that I support, I have many servers with many roles kicking
> >> around.
> >>
> >> I've been toying with the idea of LDAP, unfortunately my
> recording of
> >> the LDAP meeting was just frustrating for me to review, as I
> just don't
> >> have the time and hardware to record it properly. I'll avoid going
> >> much further into my situation but essentially I have a few
> things that
> >> need LDAP integration. Such as.
> >> GitLab.nixium.com
> <http://GitLab.nixium.com><http://GitLab.nixium.com> (Self Hosted
> GitHub variant)
> >> ci.nixium.com <http://ci.nixium.com><http://ci.nixium.com>
> (Jenkins Java build service)
> >> nagios.nixium.com/nagios3/
> <http://nagios.nixium.com/nagios3/><http://nagios.nixium.com/nagios3/>
> (A
> >> learning project)
> >> irc.nixium.com:5500
> <http://irc.nixium.com:5500><http://irc.nixium.com:5500> [znc] a
> bouncer I'm
> >> sharing with devs from the community.
> >> An LDAP instance running phpLDAPadmin (for security purposes
> address
> >> omitted from this email)
> >> [Planned Puppet Master Server]
> >>
> >> Then an array of minecraft related servers/services that
> require per
> >> box and per service account management.
> >>
> >> Clearly handling this starts to get a bit out of hand. My issue
> is I
> >> have no clue how to manage the roles here. Nor do I recall how to
> >> handle config files like the following example.
> >>
> >>
> https://raymii.org/s/tutorials/Gitlab_and_Active_Directory_LDAP_Authentication.html
> >>
> >> Basically I'm unsure of how to create a schema that will handle
> this
> >> complexity.
> >>
> >> _______________________________________________ kwlug-disc
> mailing list
> >> kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
> >> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
> > _______________________________________________
> > kwlug-disc mailing list
> > kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
> > http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140207/f5dbdf83/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 555 bytes
Desc: OpenPGP digital signature
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140207/f5dbdf83/attachment.sig>
More information about the kwlug-disc
mailing list