Afs manager
Upcoming SlideShare
Loading in...5
×
 

Afs manager

on

  • 639 views

 

Statistics

Views

Total Views
639
Views on SlideShare
639
Embed Views
0

Actions

Likes
0
Downloads
1
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Afs manager Afs manager Presentation Transcript

  • BeoLink.org AFS Identity Management Fabrizio Manfredi FuruholmenAFS Workshop October 2008
  • Agenda BeoLink.org   Introduction   AFS Manager   Introduction   Features   Demo   Next Steps   PtServer-NG   Introduction   Architecture   Demo   Open Points
  • PtServer BeoLink.orgIntroduction Centrally administration “means” security and time/resource savings
  • PtServer BeoLink.orgIntroduction Accounts Centralization • Enterprise Directory • Change Application • High Availability Centralized Provisioning • Connectors for applications • Product • Identity Management
  • PtServer BeoLink.orgIntroduction Distributed Centralized • You don’t need change apps • Real-time • Low problem on HA • Consistency View • IDM with RBAC • Reuse existing Architecture
  • PtServer BeoLink.orgIntroduction AFS Manager • Graphical User Interface • Provisioning Interface ( multi mode) • Administration Task PtServer NG • Active Directory Integration • Directory Integration
  • BeoLink.orgAFS Manager
  • AFS Manager BeoLink.orgGoalsGUI • Interface for Windows Administrators • Simple to use • Complete overview of the Cell • Standard object for php scripting (CLI)Monitoring • Volume Access Monitoring • Volume Space Usage • System StatisticsWebService Interface • Provisioning Interface for Volume, User, Group • Automatic volume layout • Re-Balance (replications, move volumes ..)
  • AFS Manager BeoLink.orgDemo Demo …
  • AFS Manager BeoLink.orgArchitecture Client • AJAX • Acrobat APACHE + PHP • XML • JSON • PHP >= 5 • SQL Lite AFS • Adm Command Line
  • AFS Manager BeoLink.orgNext Code • Java backend ? • PHP Library • Object Cache WebService Interface • Automatic volume layout • Re-Balance (replications, move volumes ..)
  • BeoLink.orgEnd of part 1
  • BeoLink.orgPtserver NG
  • PtServer BeoLink.orgOverview Ptserver keeps user/group information • Ptserver contains entries for every user and group in the cell • Ptserver allocates AFS IDs for new user, machine and group entries and maps each ID to the corresponding name. • Ptserver generates a current protection subgroup (CPS) at the File Servers request. The CPS lists all groups to which a user or machine belongs Ubik is the openAFS database • Ubik is a single linear database • Ubik is automatically replicated across a number of servers. • Ubik is a ‘transactional’ database (supports fully distributed changes as long as a majority of the servers are up and are synchronized together in a write quorum)
  • PtServer BeoLink.orgGoals Create Pluggable user storage • Ubik • Ldap • Windows Create flexible user mapping • Mapping user id on existing system • Mapping group id on existing system
  • PtServer BeoLink.orgWinbindWinbind unifies UNIX and Windows NT account management byallowing a UNIX box to become a full member of an NT domainAuthentication • NTLM • ADS (Kerberos)Users Information • Account info • ID mappingGroups Information • Group info • ID Mapping
  • PtServer BeoLink.orgArchitecturePtserver • Network Layer • AD DriverWindbind • Cache • IDMAP EngineIDMAP Storage • Ldap • ADS • FileDomain Controller • Samba • WinNT/Win2*
  • Overview BeoLink.orgDemo Demo … high probability of crash ..
  • PtServer BeoLink.org Advantages • Single identity (single storage) • id mapping • gid mapping • Real time update • Pluggable in existing infrastructure Disvantages • Reliability • Performance
  • PtServer BeoLink.orgOpen points .. Licences • Load GPL 3 library, compatibility ? Performance • How many request per second ? Where to Store .. • Flags • Quota Group
  • BeoLink.org Reference• For Further Questions:• Fabrizio Manfredi• fabrizio.manfredi@gmail.com manfred.furuholmen@gmail.com• http://www.beolink.org Too Long The End
  • AD as IDM BeoLink.orgIdMappingIDMAP SID<->UID/GID • LDAP • Internal (TDB) • ADS (SFU/RFC)