The HEP White Pages Project Ray Jackson CERN / IT - Internet Services Group 23rd April 2001 - HEPiX/HEPNT Conference, LAL-Orsay, France.

Presentation transcript:

Slide 2: Roadmap
- Who am I?
- Introduction & History
- Why use LDAP?
- The Referrals Mechanism
- HEP White Pages Service at CERN
- Advantages & Issues with HEP WP
- The future of HEP White Pages

Slide 3: Who am I?
- Arrived in June 1999 at CERN Internet Applications Group, now named Internet Service Group
- Working with Messaging Infrastructure (e-mail, distribution lists, news, directories)
- Computer Science Graduate from Manchester, England
- Primary role at CERN is with LDAP and GroupWare (distribution lists etc.)

Slide 4: Introduction
- Aim is to have a Global Address Book
- Scope covers ALL people involved in HEP community
- Individual queries transparent to users
- Based on Standard Protocols (OS and Hardware independent)
- Must be highly scalable, fast & reliable

Slide 5: History
- June 1997 – First LDAP server at CERN
- Jan 1998 – 17 Labs of IN2P3 implement Global Addressbook
- Summer 1998 – CERN, IN2P3, DESY discuss HEP White Pages possibilities
- October 1999 – HEP White Pages implemented at CERN in Netscape Address-Book. Still used today.
- Summer 2000 – HEP tree expanded to 11 laboratories in Europe and United States

Slide 6: Why use LDAP?
- Official Internet Standard Protocol for Accessing Directories (IETF)
- Hardware/OS independent – No vendor ties.
- Replaces proprietary protocols with an ‘open’ protocol (like SMTP & IMAP for e-mail)
- Wide industry support (Microsoft, Novell, Sun, Netscape, Oracle, IBM, Cisco etc.)
- Already widely used and deployed.

Slide 7: Why use LDAP? cont…
- Highly scalable (using referrals)
- Very fast search/read access (5k+ p.s)
- Flexibility (design & implementation)
- Secure (v3+ SSL, Kerberos)
- Few overheads, simpler data model
- Replication provides fault tolerance, load balancing, redundancy, reliability
- Easier management & implementation
- Hierarchical rather than relational

Slide 8: The Referrals Mechanism
- Referrals already used in HEP address book.
- Referral is returned to client with the address of another LDAP server to contact to fetch data from.
- Completely transparent to user. (Sees single directory, not concerned with multiple servers)
- Potentially scalable to millions of objects on dozens of servers.
- Searches made in parallel.
- All LDAP v3.x servers/clients support referrals. (Netscape 4.7x, Outlook etc.)

Slide 9: Referral Illustration

Slide 10: HEP White Pages at CERN
- Base of search is o=hep
- Branches contain CERN data (locally stored) and referrals to other HEP LDAP servers.
- Each organisation in the HEP tree is responsible for their own data.
- Main access via the Netscape Addressbook
- Total of 11 Laboratories in the HEP tree. (7 in the US and 4 in Europe)
- Informal agreement between some labs.

Slide 11: Referrals in HEP White Pages

Slide 12: HEP White Pages Schema
- All objects/attributes in the tree must conform to LDAP v3 specifications
- Primary objects which describe people in the HEP tree are: person, organizationalPerson, inetOrgPerson, organization, organizationalUnit.
- Primary attributes which describe a person include: cn, givenName, sn, telephoneNumber, mail, o, ou, facsimileTelephoneNumber etc.
- Can also store binary attributes such as photographs, certificates etc.

Slide 13: HEP WP Person entry example

dn: employeenumber=123,ou=People,o=cern,o=hep
employeeNumber: 123
cn: David Smith
givenName: Dave
sn: Smith
telephoneNumber:
mail:
o: CERN
l: Geneva
ou: IT IS
…. Etc.

Slide 14: HEP Address Book at CERN

Slide 15: Web Interface example
(NOTE: This is simply a test interface to illustrate the possibilities offered by the HEP White Pages)

Slide 16: Advantages to HEP WP
- Each organisation maintains its own data
- Highly scalable. (Millions of people)
- Transparent to users. (New referral can be added/removed without client intervention)
- Single source of information
- HEP tree can be housed on any LDAP server. (Referrals act as pointers to same data)
- Low maintenance and easily managed.

Slide 17: Issues with HEP White Pages
- Based on informal agreements
- Reliability of data can vary between organisations
- Duplication of people entries?
- No unique identifier for a person in the HEP scope
- No LDAP server = No participation
- If one server goes down in HEP scope then complete results delayed until time-out.
- Legal implications (opt-out of HEP scope)
- Different usage of attributes e.g. roomnumber vs. physicalDeliveryOfficeName
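
An added example, not part of the original slides: the client side of the referral mechanism (referral URLs searched in parallel), with a deadline so that the down-server delay listed among the issues returns partial results plus the list of referrals that did not answer. Hostnames, entries and latencies are constructed, and `search_one` is a hypothetical stand-in for a real LDAP search.

```python
import time
from concurrent.futures import ThreadPoolExecutor, wait
from urllib.parse import urlsplit, unquote

# Constructed sample data: hostnames, entries and latencies are invented.
REFERRALS = [
    "ldap://ldap.lab-a.example:389/o=lab-a,o=hep",
    "ldap://ldap.lab-b.example:389/o=lab-b,o=hep",
    "ldaps://ldap.lab-c.example/o=lab-c,o=hep",
]
FAKE_SERVERS = {  # host -> (latency in seconds, entries held by that lab)
    "ldap.lab-a.example": (0.01, [{"cn": "Ann Lee", "o": "lab-a"}]),
    "ldap.lab-b.example": (1.0, [{"cn": "Ann Lee", "o": "lab-b"}]),  # unresponsive
    "ldap.lab-c.example": (0.02, [{"cn": "Bob Roy", "o": "lab-c"}]),
}

def parse_referral(url):
    """Split an LDAP referral URL into (scheme, host, port, base DN)."""
    u = urlsplit(url)
    if u.scheme not in ("ldap", "ldaps") or not u.hostname:
        raise ValueError("not an LDAP referral: %r" % url)
    port = u.port or (636 if u.scheme == "ldaps" else 389)
    return u.scheme, u.hostname, port, unquote(u.path.lstrip("/"))

def search_one(url, name):
    """Hypothetical stand-in for a real LDAP search on one referred server."""
    _, host, _, base = parse_referral(url)
    latency, entries = FAKE_SERVERS[host]
    time.sleep(latency)  # simulate the network round trip
    return [dict(e, base=base) for e in entries
            if name.lower() in e["cn"].lower()]

def chase_referrals(urls, name, timeout=0.3):
    """Search every referral in parallel; return (entries, unanswered URLs)."""
    pool = ThreadPoolExecutor(max_workers=len(urls))
    futures = {pool.submit(search_one, u, name): u for u in urls}
    done, pending = wait(futures, timeout=timeout)
    pool.shutdown(wait=False)  # do not block on the slow server
    ok = [f for f in done if f.exception() is None]
    entries = sorted((e for f in ok for e in f.result()), key=lambda e: e["o"])
    missing = sorted(futures[f] for f in futures if f not in ok)
    return entries, missing

if __name__ == "__main__":
    found, unanswered = chase_referrals(REFERRALS, "ann")
    print(found)       # partial result set
    print(unanswered)  # referrals that did not answer in time
```

Reporting the unanswered referrals alongside the entries lets a front end mark a result set as incomplete instead of presenting it as the whole HEP scope.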

Slide 18: Future of HEP White Pages
- More formal agreements between labs.
- Unique HEP identifiers for People. e.g. hepID
- Removal of duplicate entries
- Central body to oversee schema definitions and assign HEP IDs?
- Secure White Pages based on LDAPS (running on SSL port 636)
- Personal Certificates stored on LDAP?

Slide 19: Questions and feedback
Thanks for listening… do you have any questions about what you’ve heard?