Some experiences on LDAP deployment in the RedIRIS network

Slides:

Advertisements

Similar presentations

PSPL Persistent Systems Private Limited ( Implementation of a SQL Engine for LDAP Shiv Shankar Ramakrishnan, Ranjeet Sonone, Shyam.

Advertisements

Naming Computer Engineering Department Distributed Systems Course Asst. Prof. Dr. Ahmet Sayar Kocaeli University - Fall 2014.

USING THE GLOBUS TOOLKIT This summary by: Asad Samar / CALTECH/CMS Ben Segal / CERN-IT FULL INFO AT:

Directory & Naming Services CS-328 Dick Steflik. A Directory.

EduShib VA What is EduShib VA? EduShib VA (Virtual Appliance) is a image based implementation tool for eduroam and Shibboleth.

LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL PRESENTATION BY ALAKESH APURVA DHAN AND ASH.

03/07/08 © 2008 DSR and LDAP Authentication Avocent Technical Support.

23/4/2001LDAP Overview - HEPix - LAL 2001 LDAP Overview HEPix – LAL Apr Michel Jouvin

GRID Centralized management of the Globus grid-mapfile Carlo Rocca INFN, Catania.

Introduction To OpenLDAP Directory Services. What is a Directory Service? A specialized database optimized for reading, browsing, and searching. No complicated.

Directory Server Campus Booster ID: Copyright © SUPINFO. All rights reserved OpenLDAP.

LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL Presented by Chaithra H.T.

The Directory A distributed database Distributed maintenance.

Certificate Retrieval from OpenLDAP The X.509 attribute Parsing Server (XPS)

Computer Science 101 Database Concepts. Database Collection of related data Models real world “universe” Reflects changes Specific purposes and audience.

Extending OpenLDAP Luke Howard PADL Software Pty Ltd Copyright © 2003 PADL Software Pty Ltd. All rights reserved. PADL is a registered trademark of PADL.

Building Secure, Flexible and Scalable Environments using LDAP - SANS Orlando Sacha Faust PricewaterhouseCoopers

Lattice QCD Data Grid Middleware: status report M. Sato, CCS, University of Tsukuba ILDG6, May, 12, 2005.

The LDAP Schema Registry and its requirements on Slapd development OpenLDAP Developers' Day San Francisco 21 March 2003 Peter Gietz, DAASI International.

0 SharePoint Search 2013 Rafael de la Cruz SharePoint Developer Seneca Resources twitter.com/delacruz_rafael

LDAP (Lightweight Directory Access Protocol ) Speaker: Chang-Yu Wu Adviser: Quincy Wu Date:2007/08/22.

VLDB Demo WISE-Integrator: A System for Extracting and Integrating Complex Web Search Interfaces of the Deep Web Hai He, Weiyi Meng, Clement Yu, Zonghuan.

LDAP: Accessing Operational Information CNS 4650 Fall 2004 Rev. 2.

Michael StröderDate: Slide 1 Datei: /home/michael/Bizness/SURFnet/web2ldap_presentation_TF-LSD.sdd web2ldap  Personal info  Michael Ströder 

Apache DS 2.0 Emmanuel Lécharny Nextury What's new ?

The World Wide Web: Information Resource. Hock, Randolph. The Extreme Searcher’s Internet Handbook. 2 nd ed. CyberAge Books: Medford. (2007). Internet.

DC/X521 gateway What it does With each qeury it tries to find out the responsible ldap server and returns a referral for that server.

The HEP White Pages Project Ray Jackson CERN / IT - Internet Services Group 23rd April HEPiX/HEPNT Conference, LAL-Orsay, France.

29 October 2001Terena TF-LSD1 Certificate Retrieval With OpenLDAP David Chadwick.

AACLS Documentation LDAP and releasing information issue ACL and ACI AACLS Model Physical Architecture Logical Architecture Example : a French university.

4 October 2001 Tuning in to H.323 / LDAP security What this presentation is about - RADvision ECS registration control via LDAP - information and configs.

1 News about the privacy document 6 th TF-LSD Meeting Limerick Peter Gietz

LDAP (Lightweight Directory Access Protocol)

GRID Centralized Management of the Globus grid-mapfile Carlo Rocca, INFN Catania.

OVERVIEW OF ACTIVE DIRECTORY

LDAP- Protocol and Applications. Role of LDAP Allow clients to access a directory service Directories hold hierarchical structured information Clients.

Active Directory CNS 4650 Fall 2004 Rev. 2. Active Directory Introduced with Windows 2000 Server X.500 based Can emulate NT-style network environments.

Hussain Ali Department of Computer Engineering KFUPM, Dhahran, Saudi Arabia Active Directory.

LDAP Namespace CNS 4650 Fall 2004 Rev. 2. What is a namespace? Different from XML, C++, Java, etc. Names permitted and used in a directory Can include.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Information System Tutorial Laurence Field.

Directory Services CS5493/7493. Directory Services Directory services represent a technological breakthrough by integrating into a single management tool:

1 Introduction to Active Directory Directory Services Uniquely identify users and resources on a network Provide a single point of network management.

1 Directories in Europe SURFnet.NL Innovation Manager CAMP, Tempe, Arizona – 1-3 Feb 2002.

1 CEG 2400 Fall 2012 Directory Services Directory Services eDirLDAP Active Directory.

Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.

University of California Cloud Computing Task Force Russ Hobby.

Finding Information in an LDAP Directory Info. Tech. Svcs. University of Hawaii Russell Tokuyama 05/02/01 University of Hawaii © 2001.

Lightweight Directory Access Protocol Objectives –This chapter will first show you how to install and use LDAP Contents –The LDAP Database Structure –Scenario.

LDAP: Synchronizing LDAP Information CNS 4650 Fall 2004 Rev. 2.

1 Directory Services  What is a Directory Service?  Directory Services model  Directory Services naming model  X.500 and LDAP  Implementations of.

Samba4. What is Samba4? ● A replacement for Active Directory ● The centre of a windows domain: – Windows domain logon server – Windows-compatible LDAP.

Migrating to LDAP What is LDAP? Fedora Directory Server LdapImport

gLite Information System

Introduction to LDAP Frank A. Kuse.

Information System Virginia Martín-Rubio Pascual

Index Object Schema and Replication Infrastructure

gLite Information System

Lecture 7: Name and Directory Servers

Lecture 7: Name and Directory Servers

LDAP – Light Weight Directory Access Protocol

Lecture 8: Name and Directory Servers

Introduction to Name and Directory Services

2nd TF-LSD meeting, Amsterdam, 2. February 2001

EGEE Middleware: gLite Information Systems (IS)

Project Proposal: Definition of an European Educational Person (DEEP)

DIrectory REplication CoordinaTion May 2000

Introduction to Active Directory Directory Services

LDAP LIGHT WEIGHT DIRECTORY ACCESS PROTOCOL

Developing with uConnect

Presentation transcript:

Some experiences on LDAP deployment in the RedIRIS network TF-LSD February 2, 2001. Amsterdam

Evolution of the Spanish Academic Directory From X.500 to LDAP From X.521 to dc-based Current o=Universidad XX,c=es Intended dc=uxx,dc=es Simpler location of electronic entities Domain-based naming is used by all other services Ease of use (user@dom.ain, server.dom.ain) Easier integration with the SRV RR in DNS Problems White-pages applications It is usual to reflect organization structures into the DIT Searches are often performed on DN components. Those attributes are not included in the entry itself Legacy (what about certificates?)

From X.521 to dc naming Legacy White pages Temporary maintenance of both structures Up to what existing applications require White pages CIP-based index server (LIMS) Minimum common set of attributes (iris-* classes?) At the national level (dc=es/c=es), a server containing referrals to organizational servers At the organizational level, recommendations for building interfaces based on the iris-* attributes

Migration Task Force RedIRIS + 3 universities + 1 regional government 6 LDAP servers 40,000 entries Definition of a iris-* skeleton Define required (indexable) attributes for: Organizations Groups Services Persons Attributes for metadata are specially relevant Tests on the new structure Migration guide

o=universidad de la rioja, c=es Test structure referral dc=xx OpenLDAP dc=es OpenLDAP dc=rediris dc=rediris, dc=es OpenLDAP dc=um dc=um, dc=es OpenLDAP dc=dif dc=dif, dc=um, dc=es dc=unirioja c=es Netscape Directory Server o=rediris o=universidad de la rioja, c=es o=universidad de la rioja IPlanet o=GVA o=GVA, c=es

Experimental index server

Tests with the index server Using the LDIF files provided by the participating organizations Experiments are quite promising Issues detected up to now Different formats for coding national characters in LDIF files => problems when searching them Mismatch between the speficied filter and the one used internally by the index server Assume we use the filter cn=javi The index server returns referrals for the filter cn=*javi* Not all referred servers contains entries matching cn=javi, so they return “not found” when receiving the search