dbis directory based information services
play

DBIS: Directory-Based Information Services A replacement for NIS and - PowerPoint PPT Presentation

Aug 22, 2023 •186 likes •283 views

DBIS: Directory-Based Information Services A replacement for NIS and RFC2307 by Mark R. Bannister dbis.sf.net Background RFC 2307, late 1990s (experimental) RFC 2307bis, 2002-2009 (draft) RFC 4876, 2007 nss_ldap (PADL, Sun

  1. DBIS: Directory-Based Information Services A replacement for NIS and RFC2307 by Mark R. Bannister dbis.sf.net

  2. Background ● RFC 2307, late 1990s (experimental) ● RFC 2307bis, 2002-2009 (draft) ● RFC 4876, 2007 ● nss_ldap (PADL, Sun Microsystems) ● NSS doesn't support all maps ● NSS libraries open their own LDAP connections ● 2005/2006 lightweight library, daemon process – Solaris 10 – nss-pam-ldapd dbis.sf.net

  3. Background ● 2010, merge two large NIS domains into AD – Clashing UIDs and GIDs – Duplicate configuration (NSS and automounter) – 10,000+ netgroup entries ● 2013, NIS-to-LDAP migration – Case sensitivity – Custom attributes and object classes dbis.sf.net

  4. Approach ● Split RFC 2307 & RFC 2307bis into separate documents ● Needed a new name: DBIS ● Mission: – Solve case sensitivity problem – Add enterprise-class features – Mix schemas & clients – Not allowed to redefine attributes / classes – Thin NSS library / daemon process – nss_dbis / nss_ldap can work together ● New IETF internet drafts, 2013 ● Reference implementation completed 2015 dbis.sf.net

  5. Features ● Configuration maps ● Case-sensitive attributes, e.g. en (exactName) ● Replacement object classes, e.g. posixUserAccount ● Transformation rules – Prefix, suffix, increment, decrement ● Overlays ● Netgroup constraints, i.e. tailored “views” ● Netservices – Roles, permissions and services “Am I in this netgroup? Therefore I have this role” becomes “Do I have this role?” (DBIS client handles netgroup check) dbis.sf.net

  6. Miscellaneous ● dbisMapGecos (passwd maps) ● Automount improvements ● netgroupUser, netgroupHost ● ipv4Address, ipv6Address ● LDAP alias objects ● disableObject ● dbisMapName (custom maps) ● Comprehensive schema comparison: – http://sourceforge.net/p/dbis/wiki/DBIS%20and%20RFC2307%20schemas/ dbis.sf.net

  7. Reference Implementation ● DBIS 1.5.0, September 2015 – Tested on OpenSUSE, RHEL and Solaris – dbis-cachemgr – nss_dbis – dbis – Python API – Perl API – C API – Pyloom dbis.sf.net

  8. Future Plans ● Integration: Autofs, Sudo, Puppet ● Multi-column custom data ● Packaging ● LDAP persistent searches ● Migration tools ● Java API ● Load-balancing algorithms ● LDAP authentication schemes ● LDAP server profiles ● Defacto standard for reference data dbis.sf.net

  9. Further Information IETF Internet Drafts: ● – DBIS Mapping Objects: draft-bannister-dbis-mapping – DBIS Netgroups and Netservices: draft-bannister-dbis-netgroup – DBIS Users and Groups: draft-bannister-dbis-passwd – DBIS Hosts, Networks and Services: draft-bannister-dbis-hosts – DBIS Devices: draft-bannister-dbis-devices – DBIS Automounter: draft-bannister-dbis-automounter – DBIS Custom Maps: draft-bannister-dbis-custom Download DBIS from SourceForge, try it today! ● http://dbis.sf.net Blog articles: ● http://technicalprose.blogspot.co.uk/2013/08/introducing-dbis.html Connect to me on LinkedIn: ● https://uk.linkedin.com/in/mbannister Discuss DBIS on (old) IETF mailing list: ldapext@ietf.org ● dbis.sf.net

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

WHAT IS THE SERVICE DIRECTORY? USING THE DIRECTORY Simple format- search by Service Name (if

WHAT IS THE SERVICE DIRECTORY? USING THE DIRECTORY Simple format- search by Service Name (if

A one-stop shop , district and borough-wide register of local services , events and other assets Professional directory- the information on it is not made available to the wider public. Users can see at a glance what the service can do

294 views • 11 slides
Directories and directory implementation Introduction to directory implementation and the art of

Directories and directory implementation Introduction to directory implementation and the art of

Directories and directory implementation Introduction to directory implementation and the art of attributes Miroslav Milinovic, University Computing Centre, University of Zagreb Jasmina Hodzic, Center for Information Technology Services,

1.65k views • 20 slides
Directory Services A service that stores collections of bindings between names and attributes, and

Directory Services A service that stores collections of bindings between names and attributes, and

Directory Services A service that stores collections of bindings between names and attributes, and looks up entries that match attribute-based specifications (e.g., Microsoft's Active Directory Service, X.500 and LDAP) Case Study - X.500

515 views • 12 slides
Active Directory By: Kishor Datar 10/25/2007 What is a directory service? Directory

Active Directory By: Kishor Datar 10/25/2007 What is a directory service? Directory

Active Directory By: Kishor Datar 10/25/2007 What is a directory service? Directory Collection of related objects Files, Printers, Fax servers etc. Directory Service Information needed to use and manage the objects. Source

438 views • 27 slides
Directory Services Landscape Services, Technologies, Protocols, Products, and the Medium Mohsen

Directory Services Landscape Services, Technologies, Protocols, Products, and the Medium Mohsen

Directory Services Landscape Services, Technologies, Protocols, Products, and the Medium Mohsen Banan <public@mohsen.banan.1.byname.net> 07/08/2000 1 Outline Directory Concepts X.500 & OSI Directory X.509 & PKI

666 views • 50 slides
Chapter 9: Name Services 9.1 Introduction 9.2 Name services and the DNS 9.3 Directory

Chapter 9: Name Services 9.1 Introduction 9.2 Name services and the DNS 9.3 Directory

Chapter 9: Name Services 9.1 Introduction 9.2 Name services and the DNS 9.3 Directory services 9.6 Summary Learning objectives To understand the need for naming systems in distributed systems To be familiar with the design

682 views • 20 slides
Integration with Active Directory Jeremy Allison Samba Team Benefits of using Active Directory

Integration with Active Directory Jeremy Allison Samba Team Benefits of using Active Directory

Integration with Active Directory Jeremy Allison Samba Team Benefits of using Active Directory Unlike the earlier Microsoft Windows NT 4.x Domain directory service which used proprietary DCE/RPC calls, Active Directory is based on standard

557 views • 27 slides
Netscape Directory and Calendar Server More information on :

Netscape Directory and Calendar Server More information on :

Netscape Directory and Calendar Server More information on : http://www.cs.kuleuven.ac.be/faq/Calendar (also via home page DeptCW > Interne Informatie > FAQ > Directory & Calendar Servers) Date: 18/02/2000 Slide 1

664 views • 31 slides
Directory-based Cache Coherency 1 To read more This days papers: Lenoski et al, The

Directory-based Cache Coherency 1 To read more This days papers: Lenoski et al, The

Directory-based Cache Coherency 1 To read more This days papers: Lenoski et al, The Directory-Based Cache Coherence Protocol for the DASH Multiprocessor Supplementary readings: Hennessy and Patterson, section 5.4 Molka et al,

792 views • 57 slides
Directory-based Coherence ( 5.4) Idea : Implement a directory that keeps track of where

Directory-based Coherence ( 5.4) Idea : Implement a directory that keeps track of where

Directory-based Coherence ( 5.4) Idea : Implement a directory that keeps track of where each copy of a block is cached and its state in each cache (note that with snooping, the state of a block was kept only in the cache).

515 views • 5 slides
Directory Services Status Update (including ARP Op:miza:on) Donald Eastlake, Li Yizhou (Huawei)

Directory Services Status Update (including ARP Op:miza:on) Donald Eastlake, Li Yizhou (Huawei)

Directory Services Status Update (including ARP Op:miza:on) Donald Eastlake, Li Yizhou (Huawei) d3e3e3@gmail.com liyizhou@huawei.com July 2016 TRILL WG 1 Directory Services Related Dra>s In RFC Editors queue

437 views • 11 slides
Next Generation Next Generation gTLD Dir gTLD Directory Services ectory Services Pr

Next Generation Next Generation gTLD Dir gTLD Directory Services ectory Services Pr

Next Generation Next Generation gTLD Dir gTLD Directory Services ectory Services Pr Presentation by the esentation by the Expert W Expert Working Gr orking Group (EWG) oup (EWG) Next Generation gTLD Directory Services

569 views • 15 slides
LDAP (Lightweight Directory Access Protocol) wangth Computer Center, CS, NCTU What is Directory

LDAP (Lightweight Directory Access Protocol) wangth Computer Center, CS, NCTU What is Directory

LDAP (Lightweight Directory Access Protocol) wangth Computer Center, CS, NCTU What is Directory Service? What is Directory Service ( ) Highly optimized for reads Implements a distributed model for storing information

554 views • 39 slides
OntoGather Information Gathering in a Dynamic World Thomas Hornung Kai Simon Georg Lausen

OntoGather Information Gathering in a Dynamic World Thomas Hornung Kai Simon Georg Lausen

OntoGather Information Gathering in a Dynamic World Thomas Hornung Kai Simon Georg Lausen Group DBIS Albert-Ludwigs-Universit at Freiburg June 11, 2006 T. Hornung, K.Simon, G.Lausen (DBIS) OntoGather PPSWR 06 1 / 5 Classic Web search

564 views • 8 slides
Directory Services and Interoperability A short chronicle of FAIL! :-) Simo Sorce Samba Team /

Directory Services and Interoperability A short chronicle of FAIL! :-) Simo Sorce Samba Team /

Directory Services and Interoperability A short chronicle of FAIL! :-) Simo Sorce Samba Team / Red Hat, Inc. Directory Services Centralize: management of users management of machines control of security settings configuration management

280 views • 16 slides
UNIX Commands CIS 218 Advanced UNIX Commands (UNIX) File/Directory information ls

UNIX Commands CIS 218 Advanced UNIX Commands (UNIX) File/Directory information ls

UNIX Commands CIS 218 Advanced UNIX Commands (UNIX) File/Directory information ls LiSt. Shows contents of current directory. cd Change Directory mv

264 views • 7 slides
Project Plan Kubernetes Cluster Inspection Tool The Capstone Experience Team Google Dave Ackley

Project Plan Kubernetes Cluster Inspection Tool The Capstone Experience Team Google Dave Ackley

Project Plan Kubernetes Cluster Inspection Tool The Capstone Experience Team Google Dave Ackley Linghao Ji Guillermo Jimenez Haylee Quarles Casey Schneider Ben Whitelaw Department of Computer Science and Engineering Michigan State

310 views • 12 slides
S9545 - USING THE DEEPSTREAM SDK FOR AI-BASED VIDEO ANALYTICS Anudeep Nallamothu - NVIDIA

S9545 - USING THE DEEPSTREAM SDK FOR AI-BASED VIDEO ANALYTICS Anudeep Nallamothu - NVIDIA

S9545 - USING THE DEEPSTREAM SDK FOR AI-BASED VIDEO ANALYTICS Anudeep Nallamothu - NVIDIA Solutions Architect Andrew Bull - NVIDIA Solutions Architect Realtime Streaming Video Analytics Framework for Analyzing Video Understand

525 views • 51 slides
Distributed Shared Memory (DSM) Robert Gasparyan, Angela Gong, Judson Wilson CS 240, Spring 2015

Distributed Shared Memory (DSM) Robert Gasparyan, Angela Gong, Judson Wilson CS 240, Spring 2015

Distributed Shared Memory (DSM) Robert Gasparyan, Angela Gong, Judson Wilson CS 240, Spring 2015 What is DSM? Physically separate memory addressed as one shared address space Memory shared on page-by-page basis CPU CPU CPU CPU

294 views • 25 slides
LTTng Project Updates Outline Outline LTTng 2.11 Upcoming LTTng features LTTng 2.12

LTTng Project Updates Outline Outline LTTng 2.11 Upcoming LTTng features LTTng 2.12

Polytechnique Montral Polytechnique Montral December 2019 December 2019 LTTng Project Updates Outline Outline LTTng 2.11 Upcoming LTTng features LTTng 2.12 & 2.13 Babeltrace 2.0 Restartable Sequences

658 views • 27 slides
Linux Plumbers Conference 2011 LTTng 2.0 : Application, Library and Kernel tracing within your

Linux Plumbers Conference 2011 LTTng 2.0 : Application, Library and Kernel tracing within your

Linux Plumbers Conference 2011 LTTng 2.0 : Application, Library and Kernel tracing within your Linux distribution. E-mail: mathieu.desnoyers@efficios.com Mathieu Desnoyers September 9th, 2011 1 > Presenter Mathieu Desnoyers

421 views • 23 slides
IPsec real end-to-end security without VPNs FUKT Computer Society Teddy Hogeborn Bjrn

IPsec real end-to-end security without VPNs FUKT Computer Society Teddy Hogeborn Bjrn

IPsec real end-to-end security without VPNs FUKT Computer Society Teddy Hogeborn Bjrn Phlsson Who are we? FUKT Computer Society Unix system since 1995 Using IPsec since 2003 FUKT is a society/club for computer enthusiasts

927 views • 45 slides
Next generation web scanning New Zealand: A case study First presented at KIWICON III 2009 By

Next generation web scanning New Zealand: A case study First presented at KIWICON III 2009 By

Next generation web scanning New Zealand: A case study First presented at KIWICON III 2009 By Andrew Horton aka urbanadventurer NZ Web Recon Goal: To scan all of New Zealand's web-space to see what's there. Requirements: Targets

802 views • 61 slides
Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs

Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs

Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs Google Wisdom: VMs and Containers are similar but different Try running containers in VMs for security Containers are best for scale-out

314 views • 17 slides

More recommend