dCache and LDAP AuthN Ron Trompert SURFsara A :ny Bit - PowerPoint PPT Presentation

Dec 14, 2022 •415 likes •519 views

dCache and LDAP AuthN Ron Trompert SURFsara A :ny Bit of History Number of systems Own user administra:on system Some users had access

dCache ¡and ¡LDAP ¡AuthN ¡ Ron ¡Trompert ¡ SURFsara ¡
A ¡ :ny ¡ Bit ¡of ¡History ¡ • Number ¡of ¡systems ¡ – Own ¡user ¡administra:on ¡system ¡ – Some ¡users ¡had ¡access ¡to ¡more ¡than ¡one ¡system ¡ • Mul:ple ¡loginnames ¡and ¡passwds ¡ L ¡ • Central ¡User ¡Administra:on ¡(CUA) ¡ – Pam_ldap ¡ – Set ¡of ¡ldap ¡servers ¡ • Redundant, ¡failover, ¡blablablabla ¡ – One ¡loginname ¡and ¡one ¡passwd ¡ • Select ¡systems ¡where ¡the ¡user ¡should ¡have ¡access ¡to ¡
About ¡dCache ¡ • Uids ¡and ¡gids ¡in ¡CUA ¡ • ¡WebDAV ¡with ¡hMp ¡basic ¡authn ¡ – Uids ¡and ¡gids ¡in ¡CUA ¡but ¡passwd ¡not ¡ – Need ¡LDAP ¡AuthN ¡
JAAS ¡ • AuthN ¡and ¡AuthZ ¡ • Pluggable ¡ • Now ¡in ¡dCache ¡ – kerberos ¡
JAAS ¡and ¡Kerberos ¡ • Jaas ¡config ¡file ¡ – default: ¡ ¡ kerberos.jaas.config=/etc/dcache/jgss.conf � – jgss.conf: ¡
JAAS ¡and ¡Kerberos ¡ • gplazma.conf: ¡ ¡ ¡
JAAS ¡and ¡LDAP ¡ • JAAS ¡config ¡file ¡ – dcache.conf: ¡ kerberos.jaas.config=/etc/dcache/ldap.conf � – ldap.conf: ¡
JAAS ¡and ¡LDAP ¡ • AuthN ¡went ¡fine, ¡but…… ¡ It ¡did ¡not ¡work ¡out ¡of ¡the ¡box. ¡Module ¡ produced ¡principles ¡which ¡could ¡not ¡be ¡ handled ¡by ¡other ¡gplazma ¡modules ¡for ¡ mapping ¡ • Tigran ¡wrote ¡the ¡mutator ¡module, ¡thanks ¡!!! ¡
JAAS ¡and ¡LDAP ¡ • gplazma.conf: ¡
¡ ¡ Ques:ons????? ¡

Download Presentation

Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introduction to LDAP Frank A. Kuse Introduction to LDAP AGENDA Understanding LDAP

Introduction to LDAP Frank A. Kuse Introduction to LDAP AGENDA Understanding LDAP LDAP Servers Information Structure Protocol Overview LDAP operations UNDERSTANDING LDAP LDAP stands for Lightweight Directory Access

268 views • 12 slides

dCache dCache seminar at FERMIlab dCache.ORG Patrick Fuhrmann et al. dCache.ORG and slides

dCache dCache seminar at FERMIlab dCache.ORG Patrick Fuhrmann et al. dCache.ORG and slides stolen from nearly everywhere additional funding, support or contributions by d-grid DGI II P. Fuhrmann Sep 26, 2008 dCache seminar, FERMIlab

375 views • 34 slides

dCache Beginners Course Introducing dCache An overview to dCache and how it is deployed in grid

dCache Beginners Course Introducing dCache An overview to dCache and how it is deployed in grid environments. Karlsruhe Institute of Technology (KIT), Steinbuchcentre for Computing (SCC) KIT University of the State of Baden-Wuerttemberg and

297 views • 12 slides

dCache in Use at DESY dCache in Use DESY DV/IT 5.7.2010 Overview grid gridFTP, (gsi)dcap,

Andreas Haupt, Birgit Lewendel dCache in Use at DESY dCache in Use DESY DV/IT 5.7.2010 Overview grid gridFTP, (gsi)dcap, SRM dcache-se-desy dcache-se-cms dcache-se-atlas lcg-se1 lcg-se0 Calice, CFEL, GKSS, ILC, Olympus, Petra3,

417 views • 7 slides

dCache for Photon Science Outline: Overview and Resources Photon dCache Monitoring Birgit

dCache for Photon Science Outline: Overview and Resources Photon dCache Monitoring Birgit Lewendel for the dCache operations team Summary DESY IT 6th dCache Workshop dCache at DESY DESY National Analysis Facility Zeuthen 0.7 PB CTA

100 views • 7 slides

Whats new since 2016 Tigran Mkrtchyan for dCache Team dCache User Workshop, Ume, Sweden

Whats new since 2016 Tigran Mkrtchyan for dCache Team dCache User Workshop, Ume, Sweden What will be NOT covered with talks Changes in REST API New functionality in dCache-view CEPH HA-dCache Macaroons and OpenID-connect

267 views • 25 slides

dCache NFSv4.1 Tigran Mkrtchyan Zeuthen, 13.04.12 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 |

dCache NFSv4.1 Tigran Mkrtchyan Zeuthen, 13.04.12 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 1 Outline NFSv41 basics NFSv4.1 concepts PNFS Id mapping Industry standard dCache implementation dCache NFSv4.1 |

1.14k views • 46 slides

How we implemented an LDAP directory Multiple Simultaneous Requests . . . . . . . . . . . . . . .

Getting Started What do you already know about ldap ? . . . . . . . . . . . . . . slide #3 What Do You Want? . . . . . . . . . . . . . . . . . . . . . . . . . . . . slide #4 Argument for LDAP Account Information . . . . . . . . . . . . . . . . .

442 views • 26 slides

dCache - delegated storage solutions Tigran Mkrtchyan for dCache Team ISGC 2016, Taiwan dCache

dCache - delegated storage solutions Tigran Mkrtchyan for dCache Team ISGC 2016, Taiwan dCache on one slide JVM JVM JVM Message passing layer Door(s) Pool Manager Name Space Pools (clients entry point) Door Pools (requests scheduler)

254 views • 21 slides

CMS Subgroups in dCache 2.2 CMS T3 requirements for dCache We manage a CMS T3 cluster financed

CMS Subgroups in dCache 2.2 CMS T3 requirements for dCache We manage a CMS T3 cluster financed by 3 Swiss Institutes: PSI , UniZ , ETHZ ; during 2013 we will run 700TB net based on 2*NetApp E5400 + 4*Sun X4500 + 5*Sun X4540 ; Our user

210 views • 10 slides

Effjcient Message Serialization for Inter-Service Communication in dCache Evaluating a Replacement

Effjcient Message Serialization for Inter-Service Communication in dCache Evaluating a Replacement for Java Serialization in dCache Lea Morschel for dCache Team, November 7 2019 About dCache A distributed petabyte-scale storage system for

713 views • 42 slides

dCache: Powerful Storage Made Easy Paul l Milla illar (on behalf of the dCache.org team)

dCache: Powerful Storage Made Easy Paul l Milla illar (on behalf of the dCache.org team) dCache dCache is powerful storage system, providing what people need, now. We're also pushing the envelope of what storage systems can do.

1.04k views • 25 slides

dCache dCache in the in the NDGF Distributed Tier 1 NDGF Distributed Tier 1 Gerd Behrmann

dCache dCache in the in the NDGF Distributed Tier 1 NDGF Distributed Tier 1 Gerd Behrmann Second dCache Workshop Hamburg, 18 th of January 2007 NORDUnet A/S NORDUnet A/S The Nordic Regional Research and Educational Network (RREN)

520 views • 18 slides

dCache, selected topics (LCG MB) Patrick Fuhrmann dCache.ORG additional funding, support or

dCache.ORG dCache, selected topics (LCG MB) Patrick Fuhrmann dCache.ORG additional funding, support or contributions by d-grid DGI II Phone Meeting 4.8.2009 LCG MB Patrick Fuhrmann Content Chimera and the Pnfs to Chimera Migration

176 views • 15 slides

Integra(on of Billing (Accoun(ng) Plots ( dCache 2.1+) Albert L.

Integra(on of Billing (Accoun(ng) Plots ( dCache 2.1+) Albert L. Rossi Fermi Na(onal Accelerator Laboratory Accoun(ng ( dCache Book , Chpt. 24) For dCache

401 views • 10 slides

US CMS Tier 1 dCache Timur Perelmutov, Fermilab dCache Workshop, DESY, January 19, 2007 1

US CMS Tier 1 dCache Timur Perelmutov, Fermilab dCache Workshop, DESY, January 19, 2007 1 Stage Area Stage Area -11 nodes-10TB Pools for staging files from tapes managed by dCache File Hopping Pool-to-Pool copy to read pools

407 views • 13 slides

Ibercloud: orchestrating services to provide virtualized access to IberGrid C. Fernandez, A.

Ibercloud: orchestrating services to provide virtualized access to IberGrid C. Fernandez, A. Simn (CESGA) I. Campos, E. Fernndez, A. Lopez Garcia, J. Marco De Lucas, M.A. Nuez Vega (IFCA) C. Alfonso, I. Blanquer, M. Caballer, G. Molto

370 views • 21 slides

KDC LDAP Schema IETF 11/02 Donna Skibbie, IBM Overview KDC LDAP Schema draft: Defines all KDC

KDC LDAP Schema IETF 11/02 Donna Skibbie, IBM Overview KDC LDAP Schema draft: Defines all KDC attributes except for those used to store key data Keys Extension draft: Defines attributes used to store key data Flow of Data to LDAP

798 views • 10 slides

What's New in OpenLDAP Howard Chu CTO, Symas Corp / Chief Architect OpenLDAP FOSDEM'14 OpenLDAP

What's New in OpenLDAP Howard Chu CTO, Symas Corp / Chief Architect OpenLDAP FOSDEM'14 OpenLDAP Project Open source code project Founded 1998 Three core team members A dozen or so contributors Feature releases every 12-18

627 views • 42 slides

Simulation Engines TDA571|DIT030 Software Engineering Tommaso Piazza 1 Administrative Stuff

Simulation Engines TDA571|DIT030 Software Engineering Tommaso Piazza 1 Administrative Stuff Any new arrivals? Have you booked your first supervision? Today is the last day! Do you know in which group you are in? Did you get a

551 views • 53 slides

LDB and the LDAP server in Samba4 Simo Sorce Samba Team idra@samba.org simo.sorce@quest.com

LDB and the LDAP server in Samba4 Simo Sorce Samba Team idra@samba.org simo.sorce@quest.com http://www.samba.org/~idra What is LDB ? LDB is an LDAP-like database interface LDAP-like data model support LDAP like search expressions but it

1.03k views • 24 slides

Infosys in ARC6 (server) Infosys in ARC6 (server) Confjguration changes: see relevant

Infosys in ARC6 (server) Infosys in ARC6 (server) Confjguration changes: see relevant presentation for detailed description Mandatory blocks: [ i n f o s y s ] [ i n f o s y s / g l u e 2 ] New block names

426 views • 4 slides

What's new in httpd 2.2? 2.1 Paul Querna pquerna@apache.org July 21, 2005

What's new in httpd 2.2? 2.1 Paul Querna pquerna@apache.org July 21, 2005 http://www.outoforder.cc/presentations/ 2.2? major.minor.patch Versioning Scheme: Even = Stable / General Availability 2.0.x & 2.2.x Odd =

393 views • 37 slides

5.2) Injections (part 2) Shell Injection, XML Injection, LDAP injection Emmanuel Benoist Spring

5.2) Injections (part 2) Shell Injection, XML Injection, LDAP injection Emmanuel Benoist Spring Term 2016 Berner Fachhochschule | Haute cole spcialise bernoise | Berne University of Applied Sciences 1 Table of Contents Injection in PHP

995 views • 73 slides