Presentation is loading. Please wait.

Presentation is loading. Please wait.

LDAP related development at Carnegie Mellon ● OpenLDAP and SQL ● LDAP everywhere ● Cyrus SASL development.

Published byBrianna Palmer Modified over 8 years ago

Similar presentations

Presentation on theme: "LDAP related development at Carnegie Mellon ● OpenLDAP and SQL ● LDAP everywhere ● Cyrus SASL development."— Presentation transcript:

1 LDAP related development at Carnegie Mellon ● OpenLDAP and SQL ● LDAP everywhere ● Cyrus SASL development

2 LDAP and SQL ● Currently, metadir.andrew.cmu.edu is an OpenLDAP 2.0 with ldbm ● Slurpd replication is used to ~4 identical replicas ● No foreign key constraints, LDAP interface is “hard” for certain users ● Plus, we have an Oracle site license

3 LDAP and SQL (2) ● Problems with SQL backend – How to do replication if we want to write directly to the database – How to make the database schema good for LDAP but also usable for other access

4 LDAP everywhere ● Administrative applications need information from data stores ● How many access protocols should any one programmer need to use? ● Lots of applications have inherent lists of resources (users, mailboxes, machines, etc.) ● Privilege delegation/authorization – we want help desk people to be able to check quotas, but not modify them

5 LDAP everywhere ● PTS backend is an example we've implemented – Exports AFS users and groups, read-only – Hopefully will ease our group transition ● Where do we run the LDAP server? ● How tightly do we integrate the backend to the instrumented application?

6 Cyrus SASL development ● Bug fixes, bug fixes, bug fixes – DIGEST-MD5 DES fixed (finally!) ● SASL API standardization – Allow interactions in server API to support async programming models – Library/application interaction changes? – Move sasl_set_alloc() into callbacks?

7 Cyrus SASL auxprops ● SunONE (Chris Newman) fixes to code ● auxprop API not well understood – Server-side API for retrieving user attributes – Most popular is “userpassword”--cleartext password – More general so that expensive lookups can get everything a server might need ● Currently, the “sasldb” plugin is the only auxprop plugin we ship

8 An LDAP auxprop plugin? ● OpenLDAP ships with one possible auxprop implementation ● Lots of interest in an LDAP auxprop for things like Cyrus IMAP (get passwords, groups, etc.) ● Generic auxprop plugin that communicates to a separate process ● Process caches connections, handles uid/dn mapping

9 Cyrus SASL ● I'll take any questions ●... compliments ●... complaints ●... abuse ●... whatever

Download ppt "LDAP related development at Carnegie Mellon ● OpenLDAP and SQL ● LDAP everywhere ● Cyrus SASL development."

Similar presentations

Whether you like it or not! Importance increases significantly with SharePoint 2013 Pretty much every investment area relies on Profiles for core.

Whether you like it or not! Importance increases significantly with SharePoint 2013 Pretty much every investment area relies on Profiles for core.
Database Architectures and the Web

Database Architectures and the Web
Overview of Database Administrator (DBA) Tools

Overview of Database Administrator (DBA) Tools
Oracle9i Database Administrator: Implementation and Administration 1 Chapter 2 Overview of Database Administrator (DBA) Tools.

Oracle9i Database Administrator: Implementation and Administration 1 Chapter 2 Overview of Database Administrator (DBA) Tools.
Objectives In this session, you will learn to:

Objectives In this session, you will learn to:
National Center for Supercomputing Applications Integrating MyProxy with Site Authentication Jim Basney Senior Research Scientist National Center for Supercomputing.

National Center for Supercomputing Applications Integrating MyProxy with Site Authentication Jim Basney Senior Research Scientist National Center for Supercomputing.
Active Directory: Final Solution to Enterprise System Integration

Active Directory: Final Solution to Enterprise System Integration
Toolbox Mirror -Overview Effective Distributed Learning.

Toolbox Mirror -Overview Effective Distributed Learning.
1 CS 502: Computing Methods for Digital Libraries Lecture 22 Web browsers.

1 CS 502: Computing Methods for Digital Libraries Lecture 22 Web browsers.
Email Server Upgrade From UW to Cyrus. What is an IMAP Server? Provides access to your mail messages stored on the mail server Requires authentication.

Server Upgrade From UW to Cyrus. What is an IMAP Server? Provides access to your mail messages stored on the mail server Requires authentication.
Software Frameworks for Acquisition and Control European PhD – 2009 Horácio Fernandes.

Software Frameworks for Acquisition and Control European PhD – 2009 Horácio Fernandes.
1 Lecture 13: Database Heterogeneity Debriefing Project Phase 2.

1 Lecture 13: Database Heterogeneity Debriefing Project Phase 2.
©Silberschatz, Korth and Sudarshan18.1Database System Concepts Centralized Systems Run on a single computer system and do not interact with other computer.

©Silberschatz, Korth and Sudarshan18.1Database System Concepts Centralized Systems Run on a single computer system and do not interact with other computer.
NFS. The Sun Network File System (NFS) An implementation and a specification of a software system for accessing remote files across LANs. The implementation.

NFS. The Sun Network File System (NFS) An implementation and a specification of a software system for accessing remote files across LANs. The implementation.
Introduction Need: A dynamic, user controlled website Built in forums, security, and news support Work with existing OpenInsight application Seamless.

Introduction Need: A dynamic, user controlled website Built in forums, security, and news support Work with existing OpenInsight application Seamless.
MDB Install Overview for Federated and Shared MDBs Revised June 19, 2006.

MDB Install Overview for Federated and Shared MDBs Revised June 19, 2006.
Authenticating REST/Mobile clients using LDAP and OERealm

Authenticating REST/Mobile clients using LDAP and OERealm
Understanding Active Directory

Understanding Active Directory
Web Application Architecture: multi-tier (2-tier, 3-tier) & mvc

Web Application Architecture: multi-tier (2-tier, 3-tier) & mvc
Advance Computer Programming Java Database Connectivity (JDBC) – In order to connect a Java application to a database, you need to use a JDBC driver. –

Advance Computer Programming Java Database Connectivity (JDBC) – In order to connect a Java application to a database, you need to use a JDBC driver. –

Similar presentations

Ads by Google