[kwlug-disc] LDAP Integration question.

L.D. Paniak ldpaniak at fourpisolutions.com
Fri Feb 7 09:56:05 EST 2014


For managing user, groups and account permissions of authenticated web
services, I have had success using Samba4 with Windows tools.  Use the
Active Directory structures you set up in Samba4 to manage the backend
and have your web services query the AD controller via LDAP for
permissions when a user logs in.  It will probably take some work to
rationalize the structure of your domain, but administration afterward
should be reduced to a secretarial task.


On 02/07/2014 08:14 AM, Joe Wennechuk wrote:
> Sounds to me like LDAP is not what you want. If you are administering several servers there are good tools. I am most familiar with ansible, and I love it.
>
> http://www.infoworld.com/d/data-center/review-puppet-vs-chef-vs-ansible-vs-salt-231308
>
>
> ________________________________
>> Date: Fri, 7 Feb 2014 03:11:00 -0500 
>> From: chamunks at gmail.com 
>> To: kwlug-disc at kwlug.org 
>> Subject: [kwlug-disc] LDAP Integration question. 
>>
>> I have been growing a bit of a web community over this past year 
>> learning an awful lot about systems administration. This process has 
>> led me to learn that giving a little can get you a lot. This said 
>> I've ended up with a bit of a dilemma. I have this massively complex 
>> network of different services and servers here and there that require 
>> maintenance and security and all to be updated as well. So in my 
>> attempt to not only cater to the open source community surrounding the 
>> game that I support, I have many servers with many roles kicking 
>> around. 
>>
>> I've been toying with the idea of LDAP, unfortunately my recording of 
>> the LDAP meeting was just frustrating for me to review, as I just don't 
>> have the time and hardware to record it properly. I'll avoid going 
>> much further into my situation but essentially I have a few things that 
>> need LDAP integration. Such as. 
>> GitLab.nixium.com (Self Hosted GitHub variant) 
>> ci.nixium.com (Jenkins Java build service) 
>> nagios.nixium.com/nagios3/ (A learning project) 
>> irc.nixium.com:5500 [znc] a bouncer I'm sharing with devs from the 
>> community. 
>> An LDAP instance running phpLDAPadmin (for security purposes address 
>> omitted from this email) 
>> [Planned Puppet Master Server] 
>>
>> Then an array of minecraft related servers/services that require per 
>> box and per service account management. 
>>
>> Clearly handling this starts to get a bit out of hand. My issue is I 
>> have no clue how to manage the roles here. Nor do I recall how to 
>> handle config files like the following example. 
>>
>> https://raymii.org/s/tutorials/Gitlab_and_Active_Directory_LDAP_Authentication.html 
>>
>> Basically I'm unsure of how to create a schema that will handle this 
>> complexity. 
>>
>> _______________________________________________ kwlug-disc mailing list 
>> kwlug-disc at kwlug.org 
>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org 		 	   		  


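The approach in the reply above (web services asking the AD controller over LDAP whether a user may log in) comes down to one search filter per service. The following is an added example, not code from the thread: the base DN, the one-group-per-service layout and the group names are constructed assumptions, and the search results passed to authorize() are stand-ins for what an LDAP client library would return.

```python
# Added example; every DN and group name here is a constructed assumption.
BASE_DN = "DC=example,DC=internal"            # placeholder domain
IN_CHAIN = "1.2.840.113556.1.4.1941"          # AD matching rule: nested group membership
BIT_AND = "1.2.840.113556.1.4.803"            # AD matching rule: bitwise AND
ACCOUNTDISABLE = 2                            # userAccountControl flag

# Hypothetical layout: one AD group per service named in the thread.
SERVICE_GROUPS = {
    "gitlab": "CN=gitlab-users,OU=Services," + BASE_DN,
    "jenkins": "CN=jenkins-users,OU=Services," + BASE_DN,
    "nagios": "CN=nagios-admins,OU=Services," + BASE_DN,
    "znc": "CN=znc-users,OU=Services," + BASE_DN,
}

def escape_filter_value(value):
    """Escape per RFC 4515 so a login name cannot change the filter's structure."""
    out = []
    for byte in value.encode("utf-8"):
        ch = chr(byte)
        if ch in "\\*()\x00" or byte >= 0x80:
            out.append("\\%02x" % byte)
        else:
            out.append(ch)
    return "".join(out)

def login_filter(username, service):
    """Filter matching only an enabled user who is in the service's group."""
    group_dn = SERVICE_GROUPS[service]        # unknown service raises KeyError: deny
    return "(&(objectClass=user)(sAMAccountName=%s)(memberOf:%s:=%s)(!(userAccountControl:%s:=%d)))" % (
        escape_filter_value(username), IN_CHAIN,
        escape_filter_value(group_dn), BIT_AND, ACCOUNTDISABLE)

def authorize(entries, username):
    """Allow only when the search returned exactly one entry for this login name."""
    if len(entries) != 1:
        return False                          # zero or ambiguous results: deny
    return entries[0].get("sAMAccountName", "").lower() == username.lower()

if __name__ == "__main__":
    print(login_filter("alice", "gitlab"))
    print(login_filter("*)(objectClass=*", "jenkins"))   # hostile input stays a literal
    print(authorize([{"sAMAccountName": "alice"}], "alice"))
```

With this layout, granting or revoking access to a service is a group-membership change made in the Windows tools, and the services themselves hold no per-user state.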