CONFIGURING LDAP Authentication (rsso 9.1)

Presentation transcript:

RSSO LABS: CONFIGURING LDAP Authentication (rsso 9.1)

WHAT IS LDAP?
LDAP (Lightweight Directory Access Protocol) is an application protocol for accessing and managing a distributed directory information service over a network.
The main purpose of a DS (Directory Service) is to provide a hierarchical structure for accessing and managing records/data/information; this can include records on computer systems, locations, organizational units, and users.
As with all hierarchically structured applications, LDAP provides the ability to search for a particular record without knowing the full path to the record(s) you are looking for, e.g.:
AR Server search for a computer system CI named "mycomputer" on the CMDB BMC_BaseElement form: 'Name' LIKE "%my%" AND 'DatasetId' = "BMC.ASSET"
LDAP search from the root for a user called "JCKER": (&(uid=JCKER))
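
Added example (not part of the original slides and not RSSO code): building filters like (&(uid=JCKER)), and the LDAP counterpart of the LIKE "%my%" search, from a supplied value with RFC 4515 escaping, so that parentheses, asterisks and backslashes in the value are treated as data rather than filter syntax. The function names are hypothetical.

```python
import re

# Characters RFC 4515 reserves inside a filter assertion value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    """Return value with every reserved character replaced by its \\XX form."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)

def _check_attr(attr):
    # Attribute names come from configuration, never from the user; still
    # reject anything that is not a plain descriptor such as uid or cn.
    if not re.fullmatch(r"[A-Za-z][A-Za-z0-9-]*", attr):
        raise ValueError("not a valid attribute descriptor: %r" % attr)
    return attr

def equality(attr, value):
    """(attr=value): exact match on one attribute."""
    return "(%s=%s)" % (_check_attr(attr), escape_filter_value(value))

def contains(attr, fragment):
    """(attr=*fragment*): only the two outer asterisks act as wildcards."""
    if not fragment:
        raise ValueError("empty fragment would match every entry")
    return "(%s=*%s*)" % (_check_attr(attr), escape_filter_value(fragment))

def and_filter(*terms):
    """(&term1term2...): all terms must match."""
    return "(&" + "".join(terms) + ")"

if __name__ == "__main__":
    print(and_filter(equality("uid", "JCKER")))   # the filter from the slide
    print(contains("cn", "my"))                   # LIKE "%my%" equivalent
    print(equality("uid", "J*(CK)ER"))            # constructed value with metacharacters
```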

COMMONLY USED LDAP NAMING ATTRIBUTES
CN = Common Name
OU = Organizational Unit
DC = Domain Component
DN = Distinguished Name
These are all parts of the X.500 Directory Specification, which defines nodes in an LDAP directory. https://en.wikipedia.org/wiki/X.500
You can also read up on LDAP Data Interchange Format (LDIF), which is an alternate format.
You read a DN from right to left: the right-most component is the root of the tree, and the left-most component is the node (or leaf) you want to reach. Each attribute=value pair is a search criterion.
With the example query ("CN=Dev-India,OU=Distribution Groups,DC=gp,DC=gl,DC=google,DC=com"), the query is in effect: from the com Domain Component, find the google Domain Component, then inside it the gl Domain Component, and then inside it the gp Domain Component. In the gp Domain Component, find the Organizational Unit called Distribution Groups, and then find the object that has a common name of Dev-India.

COMMONLY USED LDAP NAMING ATTRIBUTES
Common Name: Information in an LDAP database comes in the form of objects. Objects have attributes that describe them. For example, the User object for Allen Allbrook would have attributes such as Allen's logon name, his password, his phone number, his email address, his department, and so forth.
An LDAP client (in our case RSSO) submits a query that contains the object's Distinguished Name (DN) and the attributes that the client wants to see. A search for information about Allen could be phrased in a couple of different ways:
You could search for attributes in Allen's User object. "Give me the Department attribute for cn=Allen Allbrook,cn=Users,dc=Company,dc=com."
You could search for attributes that end up including Allen's object. "Give me all User objects with a Department attribute equal to Support."
In either case, LDAP can find Tom's object because the name assigned to the object describes its place in the LDAP namespace.

LDAP STRUCTURE?
The User objects in the diagram have designators that start with CN, meaning Common Name. The CN designator applies to all but a few object types. Active Directory only uses two other object designators (although LDAP defines several). They are as follows:
Domain Component (DC). DC objects represent the top of an LDAP tree that uses DNS to define its namespace. Active Directory is an example of such an LDAP tree. The designator for an Active Directory domain with the DNS name Company.com would be dc=Company,dc=com.
Organizational Unit (OU). OU objects act as containers that hold other objects. They provide structure to the LDAP namespace. OUs are the only general-purpose container available to administrators in Active Directory. An example OU name would be ou=Accounting.
Distinguished Names. A name that includes an object's entire path to the root of the LDAP namespace is called its distinguished name, or DN. An example DN for a user named CSantana whose object is stored in the cn=Users container in a domain named Company.com would be cn=CSantana,cn=Users,dc=Company,dc=com.
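
Added example (not from the original slides or from RSSO): a small DN parser that reads a distinguished name root-first, derives the DNS domain from its DC components, and runs the two search styles described above (by DN, and by attribute value under a base) over a constructed in-memory directory. The function names and the sample entries, including the escaped-comma entry, are assumptions; multi-valued RDNs joined with "+" are not handled.

```python
def parse_dn(dn):
    """Split a DN into (attribute, value) pairs, leaf (left-most) first."""
    parts, buf, i = [], bytearray(), 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            pair = dn[i + 1:i + 3]
            if len(pair) == 2 and all(c in "0123456789abcdefABCDEF" for c in pair):
                buf.append(int(pair, 16))      # hex escape, e.g. backslash 2C
                i += 3
            else:
                buf += dn[i + 1].encode()      # escaped literal, e.g. backslash comma
                i += 2
        elif ch == ",":                        # unescaped comma ends one component
            parts.append(buf.decode())
            buf = bytearray()
            i += 1
        else:
            buf += ch.encode()
            i += 1
    parts.append(buf.decode())
    return [(a.strip(), v.strip()) for a, _, v in (p.partition("=") for p in parts)]

def _norm(dn):  # case-insensitive comparison form (assumes case-ignore attributes)
    return [(a.lower(), v.lower()) for a, v in parse_dn(dn)]

def path_from_root(dn):  # right-to-left reading: root first, target object last
    return list(reversed(parse_dn(dn)))

def dns_domain(dn):  # dc=Company,dc=com -> Company.com
    return ".".join(v for a, v in parse_dn(dn) if a.lower() == "dc")

def is_under(dn, base):  # True when dn equals base or sits below it
    d, b = _norm(dn), _norm(base)
    return len(b) <= len(d) and d[len(d) - len(b):] == b

# Constructed sample entries built from the names used on the slides.
DIRECTORY = {
    "cn=Allen Allbrook,cn=Users,dc=Company,dc=com": {"department": "Support"},
    "cn=CSantana,cn=Users,dc=Company,dc=com": {"department": "Accounting"},
    "cn=Smith\\, Jo,ou=Accounting,dc=Company,dc=com": {"department": "Support"},
}

def read_attribute(dn, attr):  # style 1: name the object by DN, ask for one attribute
    return next((a.get(attr) for e, a in DIRECTORY.items() if _norm(e) == _norm(dn)), None)

def search(base, attr, value):  # style 2: entries under base whose attribute equals value
    return [e for e, a in DIRECTORY.items()
            if is_under(e, base) and a.get(attr, "").lower() == value.lower()]
```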