[kwlug-disc] LDAP Integration question.

L.D. Paniak ldpaniak at fourpisolutions.com
Fri Feb 7 12:27:45 EST 2014


I am cleaning up my slides and adding some of the demo info to them.  I
should have them posted in the near future.

On 02/07/2014 11:39 AM, Chamunks Arkturus wrote:
> Thanks Joe I'll look into ansible.  Laurie would you happen to have
> your slides from the presentation?  I'm a little upset that I couldn't
> make it for the last meet.
>
>
> On Fri, Feb 7, 2014 at 9:56 AM, L.D. Paniak
> <ldpaniak at fourpisolutions.com <mailto:ldpaniak at fourpisolutions.com>>
> wrote:
>
>     For managing user, groups and account permissions of authenticated web
>     services, I have had success using Samba4 with Windows tools.  Use the
>     Active Directory structures you set up in Samba4 to mange the backend
>     and have your web services query the AD controller via LDAP for
>     permissions when a user logs in.  It will probably take some work to
>     rationalize the structure of your domain, but administration afterward
>     should be reduced to a secretarial task.
>
>
>     On 02/07/2014 08:14 AM, Joe Wennechuk wrote:
>     > Sounds to me like LDAP is not what you want. If you are
>     administering several servers there are good tools. I am most
>     familiar with ansible, and I love it.
>     >
>     >
>     http://www.infoworld.com/d/data-center/review-puppet-vs-chef-vs-ansible-vs-salt-231308
>     >
>     >
>     > ________________________________
>     >> Date: Fri, 7 Feb 2014 03:11:00 -0500
>     >> From: chamunks at gmail.com <mailto:chamunks at gmail.com>
>     >> To: kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
>     >> Subject: [kwlug-disc] LDAP Integration question.
>     >>
>     >> I have been growing a bit of a web community over this past year
>     >> learning an awful lot about systems administration. This
>     process has
>     >> lead me to learn that giving a little can get you a lot. This said
>     >> I've ended up with a bit of a dilema. I have this massively complex
>     >> network of different services and servers here and there that
>     require
>     >> maintenance and security and all to be updated as well. So in my
>     >> attempt to not only cater to the opensource community
>     surrounding the
>     >> game that I support, I have many servers with many roles kicking
>     >> around.
>     >>
>     >> I've been toying with the idea of LDAP, unfortunately my
>     recording of
>     >> the LDAP meeting was just frustrating for me to review, as I
>     just don't
>     >> have the time and hardware to record it properly. I'll avoid going
>     >> much further into my situation but essentially I have a few
>     things that
>     >> need LDAP integration. Such as.
>     >> GitLab.nixium.com
>     <http://GitLab.nixium.com><http://GitLab.nixium.com> (Self Hosted
>     GitHub variant)
>     >> ci.nixium.com <http://ci.nixium.com><http://ci.nixium.com>
>     (Jenkins Java build service)
>     >> nagios.nixium.com/nagios3/
>     <http://nagios.nixium.com/nagios3/><http://nagios.nixium.com/nagios3/>
>     (A
>     >> learning project)
>     >> irc.nixium.com:5500
>     <http://irc.nixium.com:5500><http://irc.nixium.com:5500> [znc] a
>     bouncer I'm
>     >> sharing with devs from the community.
>     >> An LDAP instance running phpLDAPadmin (for security purposes
>     address
>     >> omitted from this email)
>     >> [Planned Puppet Master Server]
>     >>
>     >> Then an array of minecraft related servers/services that
>     require per
>     >> box and per service account management.
>     >>
>     >> Clearly handling this starts to get a bit out of hand. My issue
>     is I
>     >> have no clue how to manage the roles here. Nor do I recall how to
>     >> handle config files like the following example.
>     >>
>     >>
>     https://raymii.org/s/tutorials/Gitlab_and_Active_Directory_LDAP_Authentication.html
>     >>
>     >> Basically I'm unsure of how to create a schema that will handle
>     this
>     >> complexity.
>     >>
>     >> _______________________________________________ kwlug-disc
>     mailing list
>     >> kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
>     >> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>     > _______________________________________________
>     > kwlug-disc mailing list
>     > kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
>     > http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
>
>     _______________________________________________
>     kwlug-disc mailing list
>     kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
>     http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140207/f5dbdf83/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 555 bytes
Desc: OpenPGP digital signature
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140207/f5dbdf83/attachment.sig>


More information about the kwlug-disc mailing list