System Administration Practice Homework6 - LDAP login + Puppet + Jail yench / lctseng / chchang2222.

Slides:



Advertisements
Similar presentations
SEHR (System for Electronic Healthdata Recording) Administrator Practice Guides SEHR Update Doc. Category: APG – administrator practice guides.
Advertisements

System Administration Final Project - Micro Computer Center hchung, hwchiu.
Lesson 18: Configuring Application Restriction Policies
Linux Operations and Administration
© 2012 IBM Corporation Tivoli Workload Automation Informatica Power Center.
System Administration HW1-1 changlp. Computer Center, CS, NCTU 2 Requirements  Basic Install up-to-date –RELEASE of FreeBSD  8.2-R Add a user and a.
One to One instructions Installing and configuring samba on Ubuntu Linux to enable Linux to share files and documents with Windows XP.
Building service testbeds on FIRE D5.2.5 Virtual Cluster on Federated Cloud Demonstration Kit August 2012 Version 1.0 Copyright © 2012 CESGA. All rights.
System Administration HW2 - FTP, Samba, BT, ZFS jwbai.
Final Project – NFS and NIS jwbai. Computer Center, CS, NCTU 2 Goal master.passwd passwd group netgroup amd.conf userA, /nis/home/userA userB, /nis/home/userB.
System Administration HW1 huanghs. Computer Center, CS, NCTU 2 Requirements  Basic Install FreeBSD and upgrade to up-to-date –RELEASE Recompile your.
CT 320 Midterm Study Guide.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
FTP Server and FTP Commands By Nanda Ganesan, Ph.D. © Nanda Ganesan, All Rights Reserved.
Single Sign-on with Kerberos 1 Chris Eberle Ryan Thomas RC Johnson Kim-Lan Tran CS-591 Fall 2008.
Module 6: Configuring User Environments Using Group Policy.
Module 7: Managing the User Environment by Using Group Policy.
System Administration HW3 Shell Script changlp. Computer Center, CS, NCTU 2 Requirements  User socket statistic (20%) Use one-line command to show per-user.
Cisco Confidential © 2010 Cisco and/or its affiliates. All rights reserved. 1 MSE Virtual Appliance Presenter Name: Patrick Nicholson.
System Administration Practice Homework 1-2 : X Window System lctseng.
Module 1: Implementing Active Directory ® Domain Services.
Homework 03 - Hint DNS. Computer Center, CS, NCTU 2 Architecture ns.a.nctucs.net a.a /24 ns.b.nctucs.net b.b /24.
Exercise 4 – NFS and NIS Announced Date: 2007/12/11 Due Date: 2007/12/25.
Homework 03 DNS. Computer Center, CS, NCTU 2 Architecture ns.a.nctucs.net a.a /24 ns.b.nctucs.net b.b /24 slave.
System Administration HW2 - File System Server ylin.
CSE 548 Advanced Computer Network Security Trust in MobiCloud using Hadoop Framework Updates Sayan Cole Jaya Chakladar Group No: 1.
System Administration HW2 - File System Server. Computer Center, CS, NCTU 2 FTP  Install a FTP server for FreeBSD Pure-FTPd: /usr/ports/ftp/pure-ftpd.
1 Network Information System (NIS). 2 Module – Network Information System (NIS) ♦ Overview This module focuses on configuring and managing Network Information.
Linux Services Configuration
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
RT-LAB Electrical Applications 1 Opal-RT Technologies Use of the “Store Embedded” mode Solution RT-LAB for PC-104.
System Administration HW5 - Micro Computer Center yihshih / lctseng.
Virtualization Technology and Microsoft Virtual PC 2007 YOU ARE WELCOME By : Osama Tamimi.
1 Active Directory Administration Tasks And Tools Active Directory Administration Tasks Active Directory Administrative Tools Using Microsoft Management.
1 Day 2 Logging in, Passwords, Man, talk, write. 2 Logging in Unix is a multi user system –Many people can be using it at the same time. –Connections.
CSE 548 Advanced Computer Network Security Trust in MobiCloud using Hadoop Framework Updates Sayan Kole Jaya Chakladar Group No: 1.
Basic Service & Settings xclin. Computer Center, CS, NCTU 2 If you want to transfer a file…
Linux Operations and Administration
SQL SERVER 2008 Installation Guide A Step by Step Guide Prepared by Hassan Tariq.
FTP COMMANDS OBJECTIVES. General overview. Introduction to FTP server. Types of FTP users. FTP commands examples. FTP commands in action (example of use).
System Administration HW3 - Shell Script chenyp. Computer Center, CS, NCTU 2 Requirements  File statistics (20%+10%) use one-line command to show files.
Module 6: Configuring User Environments Using Group Policies.
Integrity Check As You Well Know, It Is A Violation Of Academic Integrity To Fake The Results On Any.
Installing Applications in FreeBSD lctseng. Computer Center, CS, NCTU 2 Before we start  Permission issue root: the super user Like administrator in.
Microsoft ® Official Course Module 6 Managing Software Distribution and Deployment by Using Packages and Programs.
System Administration Practice Homework 1-3 : Chinese World lctseng.
VMware Certified Professional 6-Data Center Virtualization Beta 2V0-621Exam.
QUESTION 1: Your role of Network Administrator at ABC.com includes the management of the Active Directory Domain Services (AD DS) domain named ABC.com.
Vmware 2V0-621D Vmware Exam Questions & Answers VMware Certified Professional 6 Presents
C Copyright © 2006, Oracle. All rights reserved. Oracle Secure Backup Additional Installation Topics.
Assignprelim.1 Assignment Preliminaries © 2012 B. Wilkinson/Clayton Ferner. Modification date: Jan 16a, 2014.
PRESENTED BY ALI NASIR BITF13M040 AMMAR HAIDER BITF13M016 SHOIAB BAJWA BITF13M040 AKHTAR YOUNAS BITF13M019.
System Administration HW3 - Shell Script hchung. Computer Center, CS, NCTU 2 Requirements  User connect time statistic script (10%) Use one-line command.
Managing User Desktops with Group Policy
Network Administration Practice Homework4 – Mail System
Connect:Direct for UNIX v4.2.x Silent Installation
Homework 3 frank.
Adding High Availability to Condor Central Manager Tutorial
System Administration Practice Homework 1-1 : FreeBSD Base
Microsoft Ignite NZ October 2016 SKYCITY, Auckland.
asset: Academic Survey System & Evaluation Tool
System Administration HW1-3 Chinese World
Final Project– NFS and NIS
Computer System Administration Homework 3 – File Server
Microsoft SQL Server Upgrade and Downgrade scenarios
System Administration HW5 - Micro Computer Center
System Administration HW3 - File System Server
System Administration Homework 4 – Web Server
System Administration Practice Homework2 - File System Server
System Administration HW2 - File System Server
Presentation transcript:

System Administration Practice Homework6 - LDAP login + Puppet + Jail yench / lctseng / chchang2222

Computer Center, CS, NCTU 2 LDAP – Overview (Total 60%) LDAP client : sabsd LDAP slave : saduty LDAP master : sahome bind Self-bind LDAP replication bind Self-bind

Computer Center, CS, NCTU 3 LDAP Base Requirement (35%)  3 accounts (sauser, sata, saadm) in LDAP (5%)  User info must includes (5%) telephoneNumber postalAddress birthdate  Basic LDAP ACL (5%) Every one can access user info except userPassword Self and manager(rootdn) can ‘write’ passwd  Password must encrypted (5%)  Master works (5%)  Slave works (5%)  Replication between master and slave (5%)

Computer Center, CS, NCTU 4 LDAP Advanced Requirement (25%)  LDAP over SSL (ldaps) on master and slave (5%)  Password script for LDAP user (5%)  User Policy (15%)

Computer Center, CS, NCTU 5 LDAP - User policy  sauser – allow to login on all hosts (5%) Can access user info except userPassword  sata – allow to login all hosts (5%) Can access user info except userPassword If login on sahome, sata can ‘write’ others password. (ACL)  saadm – only allow to login on sahome (ACL) (5%) Visible on other hosts Can ‘write’ information of every user.

Computer Center, CS, NCTU 6 Puppet (Total 35%)  Setup (10%) sahome is the puppet master all machines are puppet agents  Manifest to control different host (5%)  File Distribution (5%)  Offline user management (5%)  Service deployment (5%)  Command execution (5%)

Computer Center, CS, NCTU 7 Puppet – Setup (10%)  Master (4%) On sahome Run puppetmaster service Daemon runs without any error  Master agent (2%) On sahome Master as agent of itself Using ‘puppet agent -t’ to fetch any manifest and execute  Normal agent (4%, 2% for each) On saduty, sabsd Using ‘puppet agent -t’ to fetch any manifest and execute Make sure the certificates are correct

Computer Center, CS, NCTU 8 Puppet – Node Manifest (5%)  Define three node definition in site.pp  Node ‘master’ (2%) Apply on sahome Should create an empty file called ‘/tmp/sa-puppet-master’  Node ‘slave’ (2%) Apply on saduty Should create an empty file called ‘/tmp/sa-puppet-slave’  Node ‘default’ (1%) Apply on all machines, excludes sahome and saduty  In this homework, it will apply on sabsd Should create an empty file called ‘/tmp/sa-puppet-default’

Computer Center, CS, NCTU 9 Puppet – File Distribution (5%)  Distribute files to agents You need to write modules  Single file (3%) Will modify /etc/hosts Three versions of ‘/etc/hosts’ files should be distributed to sahome, saduty and sabsd respectively  You may create multiple modules Make sure your puppet still work correctly  Directory (2%) Create a directory called ‘sa-demo’, put some files under it Recursively distribute the directory to all agents Target path /tmp/sa-demo

Computer Center, CS, NCTU 10 Puppet – Offline User Management (5%)  Change root’s shell into /bin/sh  We will change the shell back to /bin/csh to test your module  Apply on sabsd

Computer Center, CS, NCTU 11 Puppet – Service Deployment (5%)  Install pure-ftpd on sabsd via puppet module  Enable pure-ftpd service Must keep running after reboot Test it by using service pure-ftpd start/stop  You need to transfer pure-ftpd.conf before start the service pure-ftpd.conf must provided by puppet module  Make sure you have declared dependency  When demo, TA may: Remove your pure-ftpd.conf Remove the pure-ftpd package Stop the pure-ftpd service  Make sure your puppet module can handle above situations

Computer Center, CS, NCTU 12 Puppet – Command Execution (5%)  sabsd runs a script given by master The script can be downloaded from:  Script filename /root/sa-hw6  Script must be executable (file mode) Working directory: /tmp Run as ‘nobody’ euid = 65534, egid =  Note: This script requires package ‘ruby’ installed Remember to add ‘/usr/local/bin’ as your path (for ruby)

Computer Center, CS, NCTU 13 Puppet – Command Execution - How to verify your work  Result : /tmp/sa-demo-out on agents  Grading Executable : 2% PATH : 1% CWD : 1% EUID 、 EGID: 1% Date: :40: Checking PATH: /root ===> true Checking CWD: /tmp ===> true Checking EUID: ===> true Checking EGID: ===> true

Computer Center, CS, NCTU 14 Jail (10 %)  Originally, you may use 3 (virtual) machines to install FreeBSD  Now, Use only 1 machine with Jail  Create a jail for each host

Computer Center, CS, NCTU 15 Deadline  Date: 1/20 (May subject to minor adjustment)  Demo after final exam  More details about demo will be announced soon

Computer Center, CS, NCTU 16 Help!  Newsgroup cs.course.sysadm  BS2 board CS-SysAdmin  CSCC (EC building 3F)  (For complex problems)  IRC channel #nctuNASA (Recommend) passwd: ILoveCSCC Use screen or tmux to stay online, so TAs can tag you to answer your questions.  Before you ask a question… 提問的智慧 : How To Ask Questions The Smart Way

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.