dCache and LDAP AuthN Ron Trompert SURFsara A :ny Bit - PowerPoint PPT Presentation

Dec 14, 2022 •415 likes •519 views

dCache and LDAP AuthN Ron Trompert SURFsara A :ny Bit of History Number of systems Own user administra:on system Some users had access

dCache ¡and ¡LDAP ¡AuthN ¡ Ron ¡Trompert ¡ SURFsara ¡
A ¡ :ny ¡ Bit ¡of ¡History ¡ • Number ¡of ¡systems ¡ – Own ¡user ¡administra:on ¡system ¡ – Some ¡users ¡had ¡access ¡to ¡more ¡than ¡one ¡system ¡ • Mul:ple ¡loginnames ¡and ¡passwds ¡ L ¡ • Central ¡User ¡Administra:on ¡(CUA) ¡ – Pam_ldap ¡ – Set ¡of ¡ldap ¡servers ¡ • Redundant, ¡failover, ¡blablablabla ¡ – One ¡loginname ¡and ¡one ¡passwd ¡ • Select ¡systems ¡where ¡the ¡user ¡should ¡have ¡access ¡to ¡
About ¡dCache ¡ • Uids ¡and ¡gids ¡in ¡CUA ¡ • ¡WebDAV ¡with ¡hMp ¡basic ¡authn ¡ – Uids ¡and ¡gids ¡in ¡CUA ¡but ¡passwd ¡not ¡ – Need ¡LDAP ¡AuthN ¡
JAAS ¡ • AuthN ¡and ¡AuthZ ¡ • Pluggable ¡ • Now ¡in ¡dCache ¡ – kerberos ¡
JAAS ¡and ¡Kerberos ¡ • Jaas ¡config ¡file ¡ – default: ¡ ¡ kerberos.jaas.config=/etc/dcache/jgss.conf � – jgss.conf: ¡
JAAS ¡and ¡Kerberos ¡ • gplazma.conf: ¡ ¡ ¡
JAAS ¡and ¡LDAP ¡ • JAAS ¡config ¡file ¡ – dcache.conf: ¡ kerberos.jaas.config=/etc/dcache/ldap.conf � – ldap.conf: ¡
JAAS ¡and ¡LDAP ¡ • AuthN ¡went ¡fine, ¡but…… ¡ It ¡did ¡not ¡work ¡out ¡of ¡the ¡box. ¡Module ¡ produced ¡principles ¡which ¡could ¡not ¡be ¡ handled ¡by ¡other ¡gplazma ¡modules ¡for ¡ mapping ¡ • Tigran ¡wrote ¡the ¡mutator ¡module, ¡thanks ¡!!! ¡
JAAS ¡and ¡LDAP ¡ • gplazma.conf: ¡
¡ ¡ Ques:ons????? ¡

Recommend

Introduction to LDAP Frank A. Kuse Introduction to LDAP AGENDA Understanding LDAP

Introduction to LDAP Frank A. Kuse Introduction to LDAP AGENDA Understanding LDAP LDAP Servers Information Structure Protocol Overview LDAP operations UNDERSTANDING LDAP LDAP stands for Lightweight Directory Access

268 views • 12 slides

dCache dCache seminar at FERMIlab dCache.ORG Patrick Fuhrmann et al. dCache.ORG and slides

dCache dCache seminar at FERMIlab dCache.ORG Patrick Fuhrmann et al. dCache.ORG and slides stolen from nearly everywhere additional funding, support or contributions by d-grid DGI II P. Fuhrmann Sep 26, 2008 dCache seminar, FERMIlab

375 views • 34 slides

dCache Beginners Course Introducing dCache An overview to dCache and how it is deployed in grid

dCache Beginners Course Introducing dCache An overview to dCache and how it is deployed in grid environments. Karlsruhe Institute of Technology (KIT), Steinbuchcentre for Computing (SCC) KIT University of the State of Baden-Wuerttemberg and

297 views • 12 slides

dCache in Use at DESY dCache in Use DESY DV/IT 5.7.2010 Overview grid gridFTP, (gsi)dcap,

Andreas Haupt, Birgit Lewendel dCache in Use at DESY dCache in Use DESY DV/IT 5.7.2010 Overview grid gridFTP, (gsi)dcap, SRM dcache-se-desy dcache-se-cms dcache-se-atlas lcg-se1 lcg-se0 Calice, CFEL, GKSS, ILC, Olympus, Petra3,

417 views • 7 slides

dCache for Photon Science Outline: Overview and Resources Photon dCache Monitoring Birgit

dCache for Photon Science Outline: Overview and Resources Photon dCache Monitoring Birgit Lewendel for the dCache operations team Summary DESY IT 6th dCache Workshop dCache at DESY DESY National Analysis Facility Zeuthen 0.7 PB CTA

100 views • 7 slides

Whats new since 2016 Tigran Mkrtchyan for dCache Team dCache User Workshop, Ume, Sweden

Whats new since 2016 Tigran Mkrtchyan for dCache Team dCache User Workshop, Ume, Sweden What will be NOT covered with talks Changes in REST API New functionality in dCache-view CEPH HA-dCache Macaroons and OpenID-connect

267 views • 25 slides

dCache NFSv4.1 Tigran Mkrtchyan Zeuthen, 13.04.12 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 |

dCache NFSv4.1 Tigran Mkrtchyan Zeuthen, 13.04.12 dCache NFSv4.1 | Tigran Mkrtchyan | 4/13/12 | Page 1 Outline NFSv41 basics NFSv4.1 concepts PNFS Id mapping Industry standard dCache implementation dCache NFSv4.1 |

1.14k views • 46 slides

How we implemented an LDAP directory Multiple Simultaneous Requests . . . . . . . . . . . . . . .

Getting Started What do you already know about ldap ? . . . . . . . . . . . . . . slide #3 What Do You Want? . . . . . . . . . . . . . . . . . . . . . . . . . . . . slide #4 Argument for LDAP Account Information . . . . . . . . . . . . . . . . .

442 views • 26 slides

dCache - delegated storage solutions Tigran Mkrtchyan for dCache Team ISGC 2016, Taiwan dCache

dCache - delegated storage solutions Tigran Mkrtchyan for dCache Team ISGC 2016, Taiwan dCache on one slide JVM JVM JVM Message passing layer Door(s) Pool Manager Name Space Pools (clients entry point) Door Pools (requests scheduler)

254 views • 21 slides

CMS Subgroups in dCache 2.2 CMS T3 requirements for dCache We manage a CMS T3 cluster financed

CMS Subgroups in dCache 2.2 CMS T3 requirements for dCache We manage a CMS T3 cluster financed by 3 Swiss Institutes: PSI , UniZ , ETHZ ; during 2013 we will run 700TB net based on 2*NetApp E5400 + 4*Sun X4500 + 5*Sun X4540 ; Our user

210 views • 10 slides

Effjcient Message Serialization for Inter-Service Communication in dCache Evaluating a Replacement

Effjcient Message Serialization for Inter-Service Communication in dCache Evaluating a Replacement for Java Serialization in dCache Lea Morschel for dCache Team, November 7 2019 About dCache A distributed petabyte-scale storage system for

713 views • 42 slides

dCache: Powerful Storage Made Easy Paul l Milla illar (on behalf of the dCache.org team)

dCache: Powerful Storage Made Easy Paul l Milla illar (on behalf of the dCache.org team) dCache dCache is powerful storage system, providing what people need, now. We're also pushing the envelope of what storage systems can do.

1.04k views • 25 slides

dCache dCache in the in the NDGF Distributed Tier 1 NDGF Distributed Tier 1 Gerd Behrmann

dCache dCache in the in the NDGF Distributed Tier 1 NDGF Distributed Tier 1 Gerd Behrmann Second dCache Workshop Hamburg, 18 th of January 2007 NORDUnet A/S NORDUnet A/S The Nordic Regional Research and Educational Network (RREN)

520 views • 18 slides

dCache, selected topics (LCG MB) Patrick Fuhrmann dCache.ORG additional funding, support or

dCache.ORG dCache, selected topics (LCG MB) Patrick Fuhrmann dCache.ORG additional funding, support or contributions by d-grid DGI II Phone Meeting 4.8.2009 LCG MB Patrick Fuhrmann Content Chimera and the Pnfs to Chimera Migration

176 views • 15 slides

Integra(on of Billing (Accoun(ng) Plots ( dCache 2.1+) Albert L.

Integra(on of Billing (Accoun(ng) Plots ( dCache 2.1+) Albert L. Rossi Fermi Na(onal Accelerator Laboratory Accoun(ng ( dCache Book , Chpt. 24) For dCache

401 views • 10 slides

US CMS Tier 1 dCache Timur Perelmutov, Fermilab dCache Workshop, DESY, January 19, 2007 1

US CMS Tier 1 dCache Timur Perelmutov, Fermilab dCache Workshop, DESY, January 19, 2007 1 Stage Area Stage Area -11 nodes-10TB Pools for staging files from tapes managed by dCache File Hopping Pool-to-Pool copy to read pools

407 views • 13 slides

The ! !dCache ! !labs 7 th !International !dCache !Workshop Patrick !Fuhrmann Welcome !to !7 th

The ! !dCache ! !labs 7 th !International !dCache !Workshop Patrick !Fuhrmann Welcome !to !7 th !International !dCache !Workshop !| !HTW !Berlin, !Berlin !| !Patrick !Fuhrmann !| !27 !May !2013 !| !1 Content CMS Disk / Tape separation

551 views • 27 slides

Chimera and NFS 4.1 in dCache dCache.ORG Patrick Fuhrmann Tigran Mkrtchyan presented by Peter

Chimera and NFS 4.1 in dCache dCache.ORG Patrick Fuhrmann Tigran Mkrtchyan presented by Peter van der Reest, DESY at HEPiX, Fall 2007 dCache.ORG Fuhrmann, Mkrtchyan, v.d.Reest HEPiX, Fall 2007 Nov 6, 2007 Content Motivation dCache.ORG

621 views • 16 slides

SRM Dmitry Litvintsev 7th international dCache workshop, May 27-29,2013 dCache Team Dmitry

SRM Dmitry Litvintsev 7th international dCache workshop, May 27-29,2013 dCache Team Dmitry Litvintsev Wednesday, May 29, 13 Plan SRM, a reminder SRM parameters SRM troubleshooting dCache Team 2 Dmitry Litvintsev

827 views • 34 slides

The Tivoli Storage Manager in the Large Hardron Patrick Collider Grid world Fuhrmann for the

dCache.ORG dCache.ORG The Tivoli Storage Manager in the Large Hardron Patrick Collider Grid world Fuhrmann for the dCache people TSM Symposium, Oxford Sep 27, 2005 Patrick Fuhrmann dCache.ORG dCache.ORG LCG Tier Center Mechanism Tier

573 views • 20 slides

dCache Storage Resource Manager introduction Timur Perelmutov For the dCache team Edinburgh,

dCache Storage Resource Manager introduction Timur Perelmutov For the dCache team Edinburgh, November 2007 Nov 13-14, 2007, Edinburgh SRM 2.2 Workshop 1 Project Topology : The Team Head of dCache.ORG Head of Development FNAL : Timur

281 views • 11 slides

7th International dCache Workshop Berlin Bits and Pieces 2013 Christian Bernardt (at DESY)

7th International dCache Workshop Berlin Bits and Pieces 2013 Christian Bernardt (at DESY) Berlin, 28.05.2013 dCache Team dCache Team Chris&an Bernardt Content New webpage IPv6 (OS, JVM, dCache) No PinManager for Tier 2

503 views • 33 slides

BNL dCache Status and Plan dCache Workshop: January 18-19, 2007 dCache Workshop: January 18-19,

BNL dCache Status and Plan dCache Workshop: January 18-19, 2007 dCache Workshop: January 18-19, 2007 Carlos Gamboa, Zhenping (Jane) Liu, Ofer Rind, Carlos Gamboa, Zhenping (Jane) Liu, Ofer Rind, Jason Smith & Yingzi (Iris) Wu &

294 views • 15 slides

dCache Beginners Course Pool Management and Selection Get to know the scientifics behind the

dCache Beginners Course Pool Management and Selection Get to know the scientifics behind the dCache pools. Karlsruhe Institute of Technology (KIT), Steinbuch Centre for Computing (SCC) KIT University of the State of Baden-Wuerttemberg and

131 views • 10 slides