dbis directory based information services
play

DBIS: Directory-Based Information Services A replacement for NIS and - PowerPoint PPT Presentation

Aug 22, 2023 •186 likes •283 views

DBIS: Directory-Based Information Services A replacement for NIS and RFC2307 by Mark R. Bannister dbis.sf.net Background RFC 2307, late 1990s (experimental) RFC 2307bis, 2002-2009 (draft) RFC 4876, 2007 nss_ldap (PADL, Sun

  1. DBIS: Directory-Based Information Services A replacement for NIS and RFC2307 by Mark R. Bannister dbis.sf.net

  2. Background ● RFC 2307, late 1990s (experimental) ● RFC 2307bis, 2002-2009 (draft) ● RFC 4876, 2007 ● nss_ldap (PADL, Sun Microsystems) ● NSS doesn't support all maps ● NSS libraries open their own LDAP connections ● 2005/2006 lightweight library, daemon process – Solaris 10 – nss-pam-ldapd dbis.sf.net

  3. Background ● 2010, merge two large NIS domains into AD – Clashing UIDs and GIDs – Duplicate configuration (NSS and automounter) – 10,000+ netgroup entries ● 2013, NIS-to-LDAP migration – Case sensitivity – Custom attributes and object classes dbis.sf.net

  4. Approach ● Split RFC 2307 & RFC 2307bis into separate documents ● Needed a new name: DBIS ● Mission: – Solve case sensitivity problem – Add enterprise-class features – Mix schemas & clients – Not allowed to redefine attributes / classes – Thin NSS library / daemon process – nss_dbis / nss_ldap can work together ● New IETF internet drafts, 2013 ● Reference implementation completed 2015 dbis.sf.net

  5. Features ● Configuration maps ● Case-sensitive attributes, e.g. en (exactName) ● Replacement object classes, e.g. posixUserAccount ● Transformation rules – Prefix, suffix, increment, decrement ● Overlays ● Netgroup constraints, i.e. tailored “views” ● Netservices – Roles, permissions and services “Am I in this netgroup? Therefore I have this role” becomes “Do I have this role?” (DBIS client handles netgroup check) dbis.sf.net

  6. Miscellaneous ● dbisMapGecos (passwd maps) ● Automount improvements ● netgroupUser, netgroupHost ● ipv4Address, ipv6Address ● LDAP alias objects ● disableObject ● dbisMapName (custom maps) ● Comprehensive schema comparison: – http://sourceforge.net/p/dbis/wiki/DBIS%20and%20RFC2307%20schemas/ dbis.sf.net

  7. Reference Implementation ● DBIS 1.5.0, September 2015 – Tested on OpenSUSE, RHEL and Solaris – dbis-cachemgr – nss_dbis – dbis – Python API – Perl API – C API – Pyloom dbis.sf.net

  8. Future Plans ● Integration: Autofs, Sudo, Puppet ● Multi-column custom data ● Packaging ● LDAP persistent searches ● Migration tools ● Java API ● Load-balancing algorithms ● LDAP authentication schemes ● LDAP server profiles ● Defacto standard for reference data dbis.sf.net

  9. Further Information IETF Internet Drafts: ● – DBIS Mapping Objects: draft-bannister-dbis-mapping – DBIS Netgroups and Netservices: draft-bannister-dbis-netgroup – DBIS Users and Groups: draft-bannister-dbis-passwd – DBIS Hosts, Networks and Services: draft-bannister-dbis-hosts – DBIS Devices: draft-bannister-dbis-devices – DBIS Automounter: draft-bannister-dbis-automounter – DBIS Custom Maps: draft-bannister-dbis-custom Download DBIS from SourceForge, try it today! ● http://dbis.sf.net Blog articles: ● http://technicalprose.blogspot.co.uk/2013/08/introducing-dbis.html Connect to me on LinkedIn: ● https://uk.linkedin.com/in/mbannister Discuss DBIS on (old) IETF mailing list: ldapext@ietf.org ● dbis.sf.net

Recommend

WHAT IS THE SERVICE DIRECTORY? USING THE DIRECTORY Simple format- search by Service Name (if

WHAT IS THE SERVICE DIRECTORY? USING THE DIRECTORY Simple format- search by Service Name (if

A one-stop shop , district and borough-wide register of local services , events and other assets Professional directory- the information on it is not made available to the wider public. Users can see at a glance what the service can do

294 views • 11 slides
Directories and directory implementation Introduction to directory implementation and the art of

Directories and directory implementation Introduction to directory implementation and the art of

Directories and directory implementation Introduction to directory implementation and the art of attributes Miroslav Milinovic, University Computing Centre, University of Zagreb Jasmina Hodzic, Center for Information Technology Services,

1.65k views • 20 slides
Directory Services A service that stores collections of bindings between names and attributes, and

Directory Services A service that stores collections of bindings between names and attributes, and

Directory Services A service that stores collections of bindings between names and attributes, and looks up entries that match attribute-based specifications (e.g., Microsoft's Active Directory Service, X.500 and LDAP) Case Study - X.500

515 views • 12 slides
Active Directory By: Kishor Datar 10/25/2007 What is a directory service? Directory

Active Directory By: Kishor Datar 10/25/2007 What is a directory service? Directory

Active Directory By: Kishor Datar 10/25/2007 What is a directory service? Directory Collection of related objects Files, Printers, Fax servers etc. Directory Service Information needed to use and manage the objects. Source

438 views • 27 slides
Directory Services Landscape Services, Technologies, Protocols, Products, and the Medium Mohsen

Directory Services Landscape Services, Technologies, Protocols, Products, and the Medium Mohsen

Directory Services Landscape Services, Technologies, Protocols, Products, and the Medium Mohsen Banan <public@mohsen.banan.1.byname.net> 07/08/2000 1 Outline Directory Concepts X.500 & OSI Directory X.509 & PKI

666 views • 50 slides
Chapter 9: Name Services 9.1 Introduction 9.2 Name services and the DNS 9.3 Directory

Chapter 9: Name Services 9.1 Introduction 9.2 Name services and the DNS 9.3 Directory

Chapter 9: Name Services 9.1 Introduction 9.2 Name services and the DNS 9.3 Directory services 9.6 Summary Learning objectives To understand the need for naming systems in distributed systems To be familiar with the design

682 views • 20 slides
Integration with Active Directory Jeremy Allison Samba Team Benefits of using Active Directory

Integration with Active Directory Jeremy Allison Samba Team Benefits of using Active Directory

Integration with Active Directory Jeremy Allison Samba Team Benefits of using Active Directory Unlike the earlier Microsoft Windows NT 4.x Domain directory service which used proprietary DCE/RPC calls, Active Directory is based on standard

557 views • 27 slides
Netscape Directory and Calendar Server More information on :

Netscape Directory and Calendar Server More information on :

Netscape Directory and Calendar Server More information on : http://www.cs.kuleuven.ac.be/faq/Calendar (also via home page DeptCW > Interne Informatie > FAQ > Directory & Calendar Servers) Date: 18/02/2000 Slide 1

664 views • 31 slides
Directory-based Cache Coherency 1 To read more This days papers: Lenoski et al, The

Directory-based Cache Coherency 1 To read more This days papers: Lenoski et al, The

Directory-based Cache Coherency 1 To read more This days papers: Lenoski et al, The Directory-Based Cache Coherence Protocol for the DASH Multiprocessor Supplementary readings: Hennessy and Patterson, section 5.4 Molka et al,

792 views • 57 slides
Directory-based Coherence ( 5.4) Idea : Implement a directory that keeps track of where

Directory-based Coherence ( 5.4) Idea : Implement a directory that keeps track of where

Directory-based Coherence ( 5.4) Idea : Implement a directory that keeps track of where each copy of a block is cached and its state in each cache (note that with snooping, the state of a block was kept only in the cache).

515 views • 5 slides
Directory Services Status Update (including ARP Op:miza:on) Donald Eastlake, Li Yizhou (Huawei)

Directory Services Status Update (including ARP Op:miza:on) Donald Eastlake, Li Yizhou (Huawei)

Directory Services Status Update (including ARP Op:miza:on) Donald Eastlake, Li Yizhou (Huawei) d3e3e3@gmail.com liyizhou@huawei.com July 2016 TRILL WG 1 Directory Services Related Dra>s In RFC Editors queue

437 views • 11 slides
Next Generation Next Generation gTLD Dir gTLD Directory Services ectory Services Pr

Next Generation Next Generation gTLD Dir gTLD Directory Services ectory Services Pr

Next Generation Next Generation gTLD Dir gTLD Directory Services ectory Services Pr Presentation by the esentation by the Expert W Expert Working Gr orking Group (EWG) oup (EWG) Next Generation gTLD Directory Services

569 views • 15 slides
LDAP (Lightweight Directory Access Protocol) wangth Computer Center, CS, NCTU What is Directory

LDAP (Lightweight Directory Access Protocol) wangth Computer Center, CS, NCTU What is Directory

LDAP (Lightweight Directory Access Protocol) wangth Computer Center, CS, NCTU What is Directory Service? What is Directory Service ( ) Highly optimized for reads Implements a distributed model for storing information

554 views • 39 slides
OntoGather Information Gathering in a Dynamic World Thomas Hornung Kai Simon Georg Lausen

OntoGather Information Gathering in a Dynamic World Thomas Hornung Kai Simon Georg Lausen

OntoGather Information Gathering in a Dynamic World Thomas Hornung Kai Simon Georg Lausen Group DBIS Albert-Ludwigs-Universit at Freiburg June 11, 2006 T. Hornung, K.Simon, G.Lausen (DBIS) OntoGather PPSWR 06 1 / 5 Classic Web search

564 views • 8 slides
Directory Services and Interoperability A short chronicle of FAIL! :-) Simo Sorce Samba Team /

Directory Services and Interoperability A short chronicle of FAIL! :-) Simo Sorce Samba Team /

Directory Services and Interoperability A short chronicle of FAIL! :-) Simo Sorce Samba Team / Red Hat, Inc. Directory Services Centralize: management of users management of machines control of security settings configuration management

280 views • 16 slides
UNIX Commands CIS 218 Advanced UNIX Commands (UNIX) File/Directory information ls

UNIX Commands CIS 218 Advanced UNIX Commands (UNIX) File/Directory information ls

UNIX Commands CIS 218 Advanced UNIX Commands (UNIX) File/Directory information ls LiSt. Shows contents of current directory. cd Change Directory mv

264 views • 7 slides
Stash Directory: A Scalable Directory for Many-Core

Stash Directory: A Scalable Directory for Many-Core

Stash Directory: A Scalable Directory for Many-Core Coherence Socrates Demetriades and Sangyeun Cho 20 th Interna+onal Symposium On High Performance

782 views • 31 slides
Wellbeing Information and Signposting for Herefordshire WISH An online, web based service

Wellbeing Information and Signposting for Herefordshire WISH An online, web based service

APPENDIX 1 WISH Wellbeing Information and Signposting for Herefordshire WISH An online, web based service for local people including families, professionals and individuals of all ages Information and advice and directory of

411 views • 17 slides
Infrastructure Systems Fred Seaton, Sr. UNIX Administrator SERVICES PROVIDED

Infrastructure Systems Fred Seaton, Sr. UNIX Administrator SERVICES PROVIDED

Infrastructure Systems Fred Seaton, Sr. UNIX Administrator SERVICES PROVIDED Infrastructure: VMWare, UNIX, Windows, and Mac servers Authentication Services: CAS , LDAP, Active Directory, Open Directory Email Services:

128 views • 8 slides
Decision Support Systems Directory an Envirolink T ools Project A web-based searchable

Decision Support Systems Directory an Envirolink T ools Project A web-based searchable

Decision Support Systems Directory an Envirolink T ools Project A web-based searchable directory of Decision Support Systems (models, tools, frameworks) that: provides key metadata for each DSS; provides relevant case studies of

311 views • 8 slides
Yasser F. O. Mohammad REMINDER 1: What is X.509? Part of X.500 standard for directory services

Yasser F. O. Mohammad REMINDER 1: What is X.509? Part of X.500 standard for directory services

Yasser F. O. Mohammad REMINDER 1: What is X.509? Part of X.500 standard for directory services Recommended by ITU-T in 1988 Used in many applications SSL/TLS S/MIME IP Security SET etc No specific public key

405 views • 40 slides
EWG Final Report: Next Generation Registration Directory Service (RDS) Overview

EWG Final Report: Next Generation Registration Directory Service (RDS) Overview

EWG Final Report: Next Generation Registration Directory Service (RDS) Overview Expert Working Group on gTLD Directory Services (EWG) 23 June, 2014 Session Agenda About the EWG Overview of the EWGs Final

948 views • 36 slides
DBIs Social Media Breakfast: Whats Next in Social Media? Jamie Licko, Centro Inc. The

DBIs Social Media Breakfast: Whats Next in Social Media? Jamie Licko, Centro Inc. The

DBIs Social Media Breakfast: Whats Next in Social Media? Jamie Licko, Centro Inc. The Definition Social Media is the democratization of Information transforming people from content readers and consumers into content publishers. Its

478 views • 36 slides
Azure Active Directory Provider The Azure Provider can be used to congure infrastructure in

Azure Active Directory Provider The Azure Provider can be used to congure infrastructure in

Azure Active Directory Provider The Azure Provider can be used to congure infrastructure in Azure Active Directory (https://azure.microsoft.com/en- us/services/active-directory/) using the Azure Resource Manager API's. Documentation regarding

925 views • 46 slides

More recommend