Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Integration of Network Service Authentication Design and Implementation for Secondary and Elementary School 報告人 : 洪 志 明 洪 志 明‧楊 中 皇洪 志 明‧楊 中 皇洪 志 明‧楊.

Similar presentations


Presentation on theme: "The Integration of Network Service Authentication Design and Implementation for Secondary and Elementary School 報告人 : 洪 志 明 洪 志 明‧楊 中 皇洪 志 明‧楊 中 皇洪 志 明‧楊."— Presentation transcript:

1 The Integration of Network Service Authentication Design and Implementation for Secondary and Elementary School 報告人 : 洪 志 明 洪 志 明‧楊 中 皇洪 志 明‧楊 中 皇洪 志 明‧楊 中 皇洪 志 明‧楊 中 皇

2 Agenda Introduction Research Motivation and Objective. Background Knowledge OpenLDAP Integrates FTP, Open Webmail and Samba. Moodle: A Course Management System. SFS: Student Affairs System. Design and Practical Work Overall Construction SHS: Self-help Service. AIM: Authenticate Integration Manager. LAM: LDAP Account Manager. Discussion and Future Research Conclusion

3 Introduction Research Motivation ID/PW is often over distributed. The authentication integration has not yet being taken seriously in the Secondary and Elementary schools. This type of problem will be one of the main troubles for impetus information technology. Research Objective Practical basic framework Providing web interface for users to change and reset their passwords. Providing web interface for the administrator setting up the system configuration. Translate LAM into Traditional Chinese

4 Background Knowledge OpenLDAP Integrates FTP Authentication Using PAM (Pluggable Authentication Modules) /NSS (Name Service Switch). Setting up the global configuratoin file of LDAP client: /etc/ldap.conf Using the authconfig tool for the FC system. Setting up /etc/openldap/slapd.conf on the openLDAP Server side

5 Background Knowledge OpenLDAP Integrates Open Webmail Authentication After installing Open Webmail correctly, also need to install perl-Auth-pam. Change auth_module attribute in openwebmail/etc/openwebamil.conf Change servicename attribute value in openwebmail/etc/default.conf/auth_pm.conf into “openwebmail” Create /etc/pam.d/openwebmail file

6 Background Knowledge OpenLDAP integrates Samba Authentication Setting /etc/samba/smb.conf on Samba server. Using “smbpassed –w”command to set up binding password copy /usr/share/doc/samba-x.x.x/LDAP/samba.schema to /etc/openldap/schema/ Setting up /etc/openldap/slapd.conf on the openLDAP Server. root#/etc/rc.d/init.d/ldap stop; slapindex – v Use smbldap-tools to assist for completing the miscellaneous matters.

7 Background Knowledge Moodle: A Course Management System A free, Open Source software package to help educators create effective online learning communities. SFS: Student Affairs System At the moment there are over five hundred Secondary and Elementary Schools in Taiwan are using this system.

8 Design and Practical Work Overall Construction

9 Design and Practical Work Chang Linux (FTP and Open Webmail), Samba and MySQL-Based AP’s passwords simultaneously and individually. Supports 17 types of password policy such as dictionarycheck and Windows’ highest 24 history password limits. The password reset function will send a random password to the email address that user registered before. SHS: Self-help Service

10 Design and Practical Work AIM: Authenticate Integration Manager Interface Setting parameters for SHS. May group the Password policy, apply different password policy according to different user. May synchronize data between OpenLDAP and MySQL. Batch Changing Password.

11 Design and Practical Work AIM: Authenticate Integration Manager Interface

12 Design and Practical Work AIM: Authenticate Integration Manager Interface

13 Design and Practical Work AIM: Authenticate Integration Manager Interface

14 Design and Practical Work AIM: Authenticate Integration Manager Interface

15 Design and Practical Work LAM: LDAP Account Manager The whole interface almost doesn’t use the special terms of LDAP, but matches general account administration habits, to administrate Linux system account and Samba account.

16 Discussion and Future Research The system we developed will achieve the following goals: Integration. Independent. Security. Flexibility. Use friendly. The support of LDAP to password policy is at the draft stage of IETF. There will be more and more web-based AP support LDAP authentication in the future. SSO(Single Sign-on) based on LDAP We look forward to support other LDAP server and RDB in the future.

17 Conclusion This research is focused on the necessity and the inevitability of the Secondary and Elementary School authentication integration. By AIM, SHS and LAM, we can integrate the authentication and synchronize passwords as well as resolve the problems of account management. This research will have some contribution for boosting campus information technology and enhancing network security.

18 Thanks for your attention. 報告人 : 洪 志 明


Download ppt "The Integration of Network Service Authentication Design and Implementation for Secondary and Elementary School 報告人 : 洪 志 明 洪 志 明‧楊 中 皇洪 志 明‧楊 中 皇洪 志 明‧楊."

Similar presentations


Ads by Google