<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    I am cleaning up my slides and adding some of the demo info to
    them.  I should have them posted in the near future.<br>
    <br>
    <div class="moz-cite-prefix">On 02/07/2014 11:39 AM, Chamunks
      Arkturus wrote:<br>
    </div>
    <blockquote
cite="mid:CAN4GX9E6185VNVaXJKQr=3hfAY45M8YRqmvaTE_gGidzBKfanQ@mail.gmail.com"
      type="cite">
      <div dir="ltr">Thanks Joe I'll look into ansible.  Laurie would
        you happen to have your slides from the presentation?  I'm a
        little upset that I couldn't make it for the last meet.<br>
      </div>
      <div class="gmail_extra">
        <br>
        <br>
        <div class="gmail_quote">On Fri, Feb 7, 2014 at 9:56 AM, L.D.
          Paniak <span dir="ltr"><<a moz-do-not-send="true"
              href="mailto:ldpaniak@fourpisolutions.com" target="_blank">ldpaniak@fourpisolutions.com</a>></span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0
            .8ex;border-left:1px #ccc solid;padding-left:1ex">
            For managing user, groups and account permissions of
            authenticated web<br>
            services, I have had success using Samba4 with Windows
            tools.  Use the<br>
            Active Directory structures you set up in Samba4 to mange
            the backend<br>
            and have your web services query the AD controller via LDAP
            for<br>
            permissions when a user logs in.  It will probably take some
            work to<br>
            rationalize the structure of your domain, but administration
            afterward<br>
            should be reduced to a secretarial task.<br>
            <div class="HOEnZb">
              <div class="h5"><br>
                <br>
                On 02/07/2014 08:14 AM, Joe Wennechuk wrote:<br>
                > Sounds to me like LDAP is not what you want. If you
                are administering several servers there are good tools.
                I am most familiar with ansible, and I love it.<br>
                ><br>
                > <a moz-do-not-send="true"
href="http://www.infoworld.com/d/data-center/review-puppet-vs-chef-vs-ansible-vs-salt-231308"
                  target="_blank">http://www.infoworld.com/d/data-center/review-puppet-vs-chef-vs-ansible-vs-salt-231308</a><br>
                ><br>
                ><br>
                > ________________________________<br>
                >> Date: Fri, 7 Feb 2014 03:11:00 -0500<br>
                >> From: <a moz-do-not-send="true"
                  href="mailto:chamunks@gmail.com">chamunks@gmail.com</a><br>
                >> To: <a moz-do-not-send="true"
                  href="mailto:kwlug-disc@kwlug.org">kwlug-disc@kwlug.org</a><br>
                >> Subject: [kwlug-disc] LDAP Integration
                question.<br>
                >><br>
                >> I have been growing a bit of a web community
                over this past year<br>
                >> learning an awful lot about systems
                administration. This process has<br>
                >> lead me to learn that giving a little can get
                you a lot. This said<br>
                >> I've ended up with a bit of a dilema. I have
                this massively complex<br>
                >> network of different services and servers here
                and there that require<br>
                >> maintenance and security and all to be updated
                as well. So in my<br>
                >> attempt to not only cater to the opensource
                community surrounding the<br>
                >> game that I support, I have many servers with
                many roles kicking<br>
                >> around.<br>
                >><br>
                >> I've been toying with the idea of LDAP,
                unfortunately my recording of<br>
                >> the LDAP meeting was just frustrating for me to
                review, as I just don't<br>
                >> have the time and hardware to record it
                properly. I'll avoid going<br>
                >> much further into my situation but essentially
                I have a few things that<br>
                >> need LDAP integration. Such as.<br>
                >> <a moz-do-not-send="true"
                  href="http://GitLab.nixium.com" target="_blank">GitLab.nixium.com</a><<a
                  moz-do-not-send="true" href="http://GitLab.nixium.com"
                  target="_blank">http://GitLab.nixium.com</a>> (Self
                Hosted GitHub variant)<br>
                >> <a moz-do-not-send="true"
                  href="http://ci.nixium.com" target="_blank">ci.nixium.com</a><<a
                  moz-do-not-send="true" href="http://ci.nixium.com"
                  target="_blank">http://ci.nixium.com</a>> (Jenkins
                Java build service)<br>
                >> <a moz-do-not-send="true"
                  href="http://nagios.nixium.com/nagios3/"
                  target="_blank">nagios.nixium.com/nagios3/</a><<a
                  moz-do-not-send="true"
                  href="http://nagios.nixium.com/nagios3/"
                  target="_blank">http://nagios.nixium.com/nagios3/</a>>
                (A<br>
                >> learning project)<br>
                >> <a moz-do-not-send="true"
                  href="http://irc.nixium.com:5500" target="_blank">irc.nixium.com:5500</a><<a
                  moz-do-not-send="true"
                  href="http://irc.nixium.com:5500" target="_blank">http://irc.nixium.com:5500</a>>
                [znc] a bouncer I'm<br>
                >> sharing with devs from the community.<br>
                >> An LDAP instance running phpLDAPadmin (for
                security purposes address<br>
                >> omitted from this email)<br>
                >> [Planned Puppet Master Server]<br>
                >><br>
                >> Then an array of minecraft related
                servers/services that require per<br>
                >> box and per service account management.<br>
                >><br>
                >> Clearly handling this starts to get a bit out
                of hand. My issue is I<br>
                >> have no clue how to manage the roles here. Nor
                do I recall how to<br>
                >> handle config files like the following example.<br>
                >><br>
                >> <a moz-do-not-send="true"
href="https://raymii.org/s/tutorials/Gitlab_and_Active_Directory_LDAP_Authentication.html"
                  target="_blank">https://raymii.org/s/tutorials/Gitlab_and_Active_Directory_LDAP_Authentication.html</a><br>
                >><br>
                >> Basically I'm unsure of how to create a schema
                that will handle this<br>
                >> complexity.<br>
                >><br>
                >> _______________________________________________
                kwlug-disc mailing list<br>
                >> <a moz-do-not-send="true"
                  href="mailto:kwlug-disc@kwlug.org">kwlug-disc@kwlug.org</a><br>
                >> <a moz-do-not-send="true"
                  href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org"
                  target="_blank">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br>
                > _______________________________________________<br>
                > kwlug-disc mailing list<br>
                > <a moz-do-not-send="true"
                  href="mailto:kwlug-disc@kwlug.org">kwlug-disc@kwlug.org</a><br>
                > <a moz-do-not-send="true"
                  href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org"
                  target="_blank">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br>
                <br>
                <br>
              </div>
            </div>
            <br>
            _______________________________________________<br>
            kwlug-disc mailing list<br>
            <a moz-do-not-send="true" href="mailto:kwlug-disc@kwlug.org">kwlug-disc@kwlug.org</a><br>
            <a moz-do-not-send="true"
              href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org"
              target="_blank">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br>
            <br>
          </blockquote>
        </div>
        <br>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
kwlug-disc mailing list
<a class="moz-txt-link-abbreviated" href="mailto:kwlug-disc@kwlug.org">kwlug-disc@kwlug.org</a>
<a class="moz-txt-link-freetext" href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>