[kwlug-disc] LDAP Integration question.

Fri Feb 7 11:39:22 EST 2014

Thanks Joe I'll look into ansible.  Laurie would you happen to have your
slides from the presentation?  I'm a little upset that I couldn't make it
for the last meet.

On Fri, Feb 7, 2014 at 9:56 AM, L.D. Paniak <ldpaniak at fourpisolutions.com>wrote:

> For managing user, groups and account permissions of authenticated web
> services, I have had success using Samba4 with Windows tools.  Use the
> Active Directory structures you set up in Samba4 to mange the backend
> and have your web services query the AD controller via LDAP for
> permissions when a user logs in.  It will probably take some work to
> rationalize the structure of your domain, but administration afterward
> should be reduced to a secretarial task.
>
>
> On 02/07/2014 08:14 AM, Joe Wennechuk wrote:
> > Sounds to me like LDAP is not what you want. If you are administering
> several servers there are good tools. I am most familiar with ansible, and
> I love it.
> >
> >
> http://www.infoworld.com/d/data-center/review-puppet-vs-chef-vs-ansible-vs-salt-231308
> >
> >
> > ________________________________
> >> Date: Fri, 7 Feb 2014 03:11:00 -0500
> >> From: chamunks at gmail.com
> >> To: kwlug-disc at kwlug.org
> >> Subject: [kwlug-disc] LDAP Integration question.
> >>
> >> I have been growing a bit of a web community over this past year
> >> learning an awful lot about systems administration. This process has
> >> lead me to learn that giving a little can get you a lot. This said
> >> I've ended up with a bit of a dilema. I have this massively complex
> >> network of different services and servers here and there that require
> >> maintenance and security and all to be updated as well. So in my
> >> attempt to not only cater to the opensource community surrounding the
> >> game that I support, I have many servers with many roles kicking
> >> around.
> >>
> >> I've been toying with the idea of LDAP, unfortunately my recording of
> >> the LDAP meeting was just frustrating for me to review, as I just don't
> >> have the time and hardware to record it properly. I'll avoid going
> >> much further into my situation but essentially I have a few things that
> >> need LDAP integration. Such as.
> >> GitLab.nixium.com<http://GitLab.nixium.com> (Self Hosted GitHub
> variant)
> >> ci.nixium.com<http://ci.nixium.com> (Jenkins Java build service)
> >> nagios.nixium.com/nagios3/<http://nagios.nixium.com/nagios3/> (A
> >> learning project)
> >> irc.nixium.com:5500<http://irc.nixium.com:5500> [znc] a bouncer I'm
> >> sharing with devs from the community.
> >> An LDAP instance running phpLDAPadmin (for security purposes address
> >> omitted from this email)
> >> [Planned Puppet Master Server]
> >>
> >> Then an array of minecraft related servers/services that require per
> >> box and per service account management.
> >>
> >> Clearly handling this starts to get a bit out of hand. My issue is I
> >> have no clue how to manage the roles here. Nor do I recall how to
> >> handle config files like the following example.
> >>
> >>
> https://raymii.org/s/tutorials/Gitlab_and_Active_Directory_LDAP_Authentication.html
> >>
> >> Basically I'm unsure of how to create a schema that will handle this
> >> complexity.
> >>
> >> _______________________________________________ kwlug-disc mailing list
> >> kwlug-disc at kwlug.org
> >> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
> > _______________________________________________
> > kwlug-disc mailing list
> > kwlug-disc at kwlug.org
> > http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140207/a8396490/attachment.htm>