This document provides an overview of LDAP (Lightweight Directory Access Protocol). It discusses directory services and the need for LDAP, provides an introduction to LDAP including its benefits and basics, and covers setting up and tuning OpenLDAP as well as other LDAP tools and applications.
Active Directory & LDAP Authentication Without TriggersPerforce
See how to build Active Directory and LDAP authentication into the Perforce Server, streamlining the process of linking your Perforce environment with your enterprise authentication system—no triggers required!
Active Directory & LDAP Authentication Without TriggersPerforce
See how to build Active Directory and LDAP authentication into the Perforce Server, streamlining the process of linking your Perforce environment with your enterprise authentication system—no triggers required!
Introduction to Apache Spark. With an emphasis on the RDD API, Spark SQL (DataFrame and Dataset API) and Spark Streaming.
Presented at the Desert Code Camp:
http://oct2016.desertcodecamp.com/sessions/all
Apache Spark in Depth: Core Concepts, Architecture & InternalsAnton Kirillov
Slides cover Spark core concepts of Apache Spark such as RDD, DAG, execution workflow, forming stages of tasks and shuffle implementation and also describes architecture and main components of Spark Driver. The workshop part covers Spark execution modes , provides link to github repo which contains Spark Applications examples and dockerized Hadoop environment to experiment with
This presentation is an introduction to Apache Spark. It covers the basic API, some advanced features and describes how Spark physically executes its jobs.
Open LDAP as A directory serviceis a system for storing and retrieving information in a tree-like structure with the following key properties:
Optimized for reading Distributed storage model Extensible data storage types Advanced search capabilities Consistent replication possibilities
[Srijan Wednesday Webinar] Decoupled Demystified: The Present & Future of Dr...Srijan Technologies
Speaker: Preston So, Development manager, Acquia Labs
It’s been a little over a year since Drupal 8 was released with RESTful web services available out of the box, but that doesn’t mean that our community hasn’t kept pace with unprecedented progress in the landscape around us. Since November 2015, we’ve released two new minor versions of Drupal 8, each with exciting new features in the core REST API, thanks to the indefatigable team comprising the API-first initiative.
Nonetheless, changes are occurring simultaneously in the wider API landscape which are challenging our perceptions and, accordingly, our approaches. Alternatives to our core REST implementation such as JSON API and GraphQL are quickly gaining steam in the front-end world.
Join the webinar as we delve into what’s changed since the release of Drupal 8 in core web services, how core and Drupal’s wider web services ecosystem will evolve in coming minor versions, and how the API-first initiative is anticipating further evolution in our fast-moving surroundings.
Who's This For?
- Back-end developers
- Front-end developers
- Decoupled application developers
- Architects
- Drupal contributors
What's in it for You?
- Learn about the changes in web services since Drupal 8’s release in 2015
- Understand how the wider context of web services has shifted around us, and how we are working to ensure Drupal remains at the forefront of API-first content management
- Learn how to work with web services solutions in the newest iterations of Drupal 8
- Know how the upcoming releases of Drupal will evolve to ensure Drupal’s web services success
Check out our other webinars at: www.srijan.net/webinars
Video to talk: https://www.youtube.com/watch?v=gd4Jqtyo7mM
Apache Spark is a next generation engine for large scale data processing built with Scala. This talk will first show how Spark takes advantage of Scala's function idioms to produce an expressive and intuitive API. You will learn about the design of Spark RDDs and the abstraction enables the Spark execution engine to be extended to support a wide variety of use cases(Spark SQL, Spark Streaming, MLib and GraphX). The Spark source will be be referenced to illustrate how these concepts are implemented with Scala.
http://www.meetup.com/Scala-Bay/events/209740892/
Apache Spark Introduction | Big Data Hadoop Spark Tutorial | CloudxLabCloudxLab
Big Data with Hadoop & Spark Training: http://bit.ly/2spQIBA
This CloudxLab Introduction to Apache Spark tutorial helps you to understand Spark in detail. Below are the topics covered in this tutorial:
1) Spark Architecture
2) Why Apache Spark?
3) Shortcoming of MapReduce
4) Downloading Apache Spark
5) Starting Spark With Scala Interactive Shell
6) Starting Spark With Python Interactive Shell
7) Getting started with spark-submit
Introduction to Apache Spark. With an emphasis on the RDD API, Spark SQL (DataFrame and Dataset API) and Spark Streaming.
Presented at the Desert Code Camp:
http://oct2016.desertcodecamp.com/sessions/all
Apache Spark in Depth: Core Concepts, Architecture & InternalsAnton Kirillov
Slides cover Spark core concepts of Apache Spark such as RDD, DAG, execution workflow, forming stages of tasks and shuffle implementation and also describes architecture and main components of Spark Driver. The workshop part covers Spark execution modes , provides link to github repo which contains Spark Applications examples and dockerized Hadoop environment to experiment with
This presentation is an introduction to Apache Spark. It covers the basic API, some advanced features and describes how Spark physically executes its jobs.
Open LDAP as A directory serviceis a system for storing and retrieving information in a tree-like structure with the following key properties:
Optimized for reading Distributed storage model Extensible data storage types Advanced search capabilities Consistent replication possibilities
[Srijan Wednesday Webinar] Decoupled Demystified: The Present & Future of Dr...Srijan Technologies
Speaker: Preston So, Development manager, Acquia Labs
It’s been a little over a year since Drupal 8 was released with RESTful web services available out of the box, but that doesn’t mean that our community hasn’t kept pace with unprecedented progress in the landscape around us. Since November 2015, we’ve released two new minor versions of Drupal 8, each with exciting new features in the core REST API, thanks to the indefatigable team comprising the API-first initiative.
Nonetheless, changes are occurring simultaneously in the wider API landscape which are challenging our perceptions and, accordingly, our approaches. Alternatives to our core REST implementation such as JSON API and GraphQL are quickly gaining steam in the front-end world.
Join the webinar as we delve into what’s changed since the release of Drupal 8 in core web services, how core and Drupal’s wider web services ecosystem will evolve in coming minor versions, and how the API-first initiative is anticipating further evolution in our fast-moving surroundings.
Who's This For?
- Back-end developers
- Front-end developers
- Decoupled application developers
- Architects
- Drupal contributors
What's in it for You?
- Learn about the changes in web services since Drupal 8’s release in 2015
- Understand how the wider context of web services has shifted around us, and how we are working to ensure Drupal remains at the forefront of API-first content management
- Learn how to work with web services solutions in the newest iterations of Drupal 8
- Know how the upcoming releases of Drupal will evolve to ensure Drupal’s web services success
Check out our other webinars at: www.srijan.net/webinars
Video to talk: https://www.youtube.com/watch?v=gd4Jqtyo7mM
Apache Spark is a next generation engine for large scale data processing built with Scala. This talk will first show how Spark takes advantage of Scala's function idioms to produce an expressive and intuitive API. You will learn about the design of Spark RDDs and the abstraction enables the Spark execution engine to be extended to support a wide variety of use cases(Spark SQL, Spark Streaming, MLib and GraphX). The Spark source will be be referenced to illustrate how these concepts are implemented with Scala.
http://www.meetup.com/Scala-Bay/events/209740892/
Apache Spark Introduction | Big Data Hadoop Spark Tutorial | CloudxLabCloudxLab
Big Data with Hadoop & Spark Training: http://bit.ly/2spQIBA
This CloudxLab Introduction to Apache Spark tutorial helps you to understand Spark in detail. Below are the topics covered in this tutorial:
1) Spark Architecture
2) Why Apache Spark?
3) Shortcoming of MapReduce
4) Downloading Apache Spark
5) Starting Spark With Scala Interactive Shell
6) Starting Spark With Python Interactive Shell
7) Getting started with spark-submit
Your LDAP Directory, such as Active Directory, already knows lots of things about your users, computers, groups, and more. By leveraging that information, we can learn how to automate and integrate your KACE Appliances using your existing infrastructure. Learn more: http://dell.to/1GDYpr8
The Lightweight Directory Access Protocol (LDAP) is actually a set of open protocols used to access and modify centrally stored information over a network.
Oracle Identity Management presentation for 2010 Conference presented by Peter McLarty, looks at installation issues, planning and design, overall view of 11g Identity Management, more detailed look at installation and configuration of the Oracle Internet Directory.
User administration without you - integrating LDAPMongoDB
*Configure MongoDB and MongoDB Atlas with LDAP authorization
*Test your user's access with mongoldap and other native tools
*Craft LDAP queries to optimize your LDAP accesses
*Adjust query templates and user-to-distinguished-name mappings to account for disparate LDAP trees
*Avoid common configuration mistakes
Open Ldap Integration and Configuration with Lifray 6.2.LDAP (Lightweight Directory Access Protocol) is a software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public Internet or on a corporate intranet
Apache Spark is a In Memory Data Processing Solution that can work with existing data source like HDFS and can make use of your existing computation infrastructure like YARN/Mesos etc. This talk will cover a basic introduction of Apache Spark with its various components like MLib, Shark, GrpahX and with few examples.
An Engine to process big data in faster(than MR), easy and extremely scalable way. An Open Source, parallel, in-memory processing, cluster computing framework. Solution for loading, processing and end to end analyzing large scale data. Iterative and Interactive : Scala, Java, Python, R and with Command line interface.
Quick introduction on managing RESTful services with Drupal.
1) Drupal is the RESTful server
2) Drupal is the RESTful client managing data in MEAN stack
Code for the demo is at https://github.com/kalinchernev/Drupal-7/tree/master/restful_lecture
Real time Analytics with Apache Kafka and Apache SparkRahul Jain
A presentation cum workshop on Real time Analytics with Apache Kafka and Apache Spark. Apache Kafka is a distributed publish-subscribe messaging while other side Spark Streaming brings Spark's language-integrated API to stream processing, allows to write streaming applications very quickly and easily. It supports both Java and Scala. In this workshop we are going to explore Apache Kafka, Zookeeper and Spark with a Web click streaming example using Spark Streaming. A clickstream is the recording of the parts of the screen a computer user clicks on while web browsing.
1. LDAP
● What is Directory Services
● The need for LDAP
● LDAP Overview and Basics
● Setting up and tunning OpenLDAP
● Other LDAP tools and applications
2. What is Directory Services
● Similar to database but designed more for reading than
for writing
● Defines a network protocol for accessing contents of
the directory
● Scheme for replication of data
● Directory Service examples: DNS, finger, password DB
● LDAP is a 'Lightweight Directory Access Protocol'
3. The need for LDAP
● Multiple disparate sources of the same information
● Users need separate logins and passwords to login to
different systems
● Complex to keep information in sync
● Similar data spread around many flat files or in
database with different formats
● Inadequacies of NIS ie. Not very extensible
● X.500 is too complicated
Summarizing the above: Centralization, Integration
and Delegating Responsibility
4. LDAP Overview
● LDAP is a ‘Lightweight Directory Access Protocol’
● LDAP marries a lightweight DAP with the X.500
information model
● Uses an extensible hierarchical object data model
● An LDAP server may implement multiple ‘back-ends’:
RDBMS, simple indexes (Berkeley DB), X.500
gateway
● Designed for frequent reads and infrequent writes
5. LDAP Benefits
● Standardized schemas exist for many purposes
(well beyond that of NIS)
● Allows consolidation of many information sources
● Well defined API, support from many applications
● Easily replicated and distributed
● Multiple backends allow integration with existing data
sources (RDBMS, etc)
● Much faster than RDBMS (using lightweight backend
like Berkeley DB)
6. LDAP Basics
● Data is organised into an hierarchical tree
● Each ‘entry’ (tree node) is identified by a DN (distinguished
name) e.g. uid=aokhotnikov,ou=People,ou=Users,dc=ldap,dc=sjua
● Each component of a DN is called an RDN (relative DN) and
represents a branch in the tree
● The RDN must be unique within the nodes at the same level of
the tree (is generally equivalent to one of the attributes ie. ‘uid’
or ‘cn’ in the case of a person)
● Each node has 1 or many attribute values associated with it. Each
attribute can have 1 or many values
7. LDAP Basics (cont.)
● ‘objectClass’ is a mandatory attribute which specifies
the schema (attribute constraints) for the given node
● Multiple ‘objectClass’ attributes can be combined
together to achieve inheritance
● Example ‘objectClass’ (common schema) attributes:
dcObject, organizationalUnit, person, organizationalPerson,
inetOrgPerson, inetLocalMailRecipient
● CN (Canonical Name) is another common attribute
used to provide a unique name for a directory object
8. LDAP Schemas
● Many standard schemas exist including:
– People schemas - person, organisationalPerson, inetOrgPerson,
posixAccount, mailLocalRecpient, strongAuthenticationUser
– Group schemas – groupOfUniqueNames, posixGroup,
organisationalRole, roleMember
– Host / Network schemas – domain, ipHost, ipNetwork, ipProtocol,
ipService, ieee802Device, bootableDevice
● An invaluable schema repository from Alan Knowles at the
Hong Kong Linux Centre:
– http://ldap.akbkhome.com/
9. LDIF File Format
● LDIF (LDAP Data Interchange Format) is used to
import/export from a LDAP directory server and run updates
dn: cn=GForge Admin
User,ou=WebAdmin,ou=Users,dc=ldap,dc=sjua
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
givenName: GForge Admin
sn: User
cn: GForge Admin User
uid: gforgeadmin
userPassword: {MD5}6z8f1uQp3reOfghTFrecJQ==
uidNumber: 1000
gidNumber: 544
homeDirectory: /opt/gforge5
mail: acidumirae@gmail.com
10. Custom Schemas
● LDAP schemas uses SNMP style OIDs (Object Ids) for
uniquely defining schema elements
● Apply for IANA enterprise number here:
– http://www.iana.org/cgi-bin/enterprise.pl
● Private enterprise number OID prefix is 1.3.6.1.4.1 eg.
Metaparadigm uses 1.3.6.1.4.1.11137
● Information on custom schemas can be found here:
– http://www.openldap.org/doc/admin/schema.html
11. Linux LDAP Servers
● OpenLDAP is the primary open-source LDAP
implementation based on Univ. Michigan LDAP
http://www.openldap.org/
● Sun provides the iPlanet Directory Server/Sun One Java DS
● Oracle provides an LDAP server using an Oracle database
backend
● Many others available (Novell DS, Fedora DS, Apache DS,
OpenDS, Innosoft, etc.)
● Linux can also integrate with LDAP servers running on
other platforms such as Microsoft Active Directory or
Novell eDirectory
12. Commercial LDAP Servers
● Novell eDirectory ● CA Directory
● Sun One Identity Server ● Lotus Domino
● Microsoft Active Directory ● Nexor Directory
● Apple Open Directory ● View 500
● Siemens DirX ● Isode's M-Vault
● Oracle Internet Directory ● aeSLAPD
● IBM Tivoli Directory ● ...
http://www.paldap.org/ldap-server-software
13. Scalability and Fault Tolerance
● OpenLDAP supports real-time directory replication to
provide load-balancing and high availability
● OpenLDAP supports single master, multiple slaves
● Most LDAP aware applications can be configured to use
multiple LDAP servers (providing fallback servers)
● Multiple master support is in the works (currently alpha)
● OpenLDAP can be integrated with ‘heartbeat’ and ‘mon’ to
provide fault tolerance http://www.linux-ha.org/
14. Setting up OpenLDAP
● Configuration is located in: /etc/openldap/slapd.conf
● We need to include the schemas we are using
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/collective.schema
include /etc/ldap/schema/corba.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/duaconf.schema
include /etc/ldap/schema/dyngroup.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/java.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/openldap.schema
include /etc/ldap/schema/ppolicy.schema
include /etc/ldap/schema/samba.schema
● Next we specify a database
database hdb
suffix "dc=ldap,dc=sjua"
rootdn "cn=admin,dc=ldap,dc=sjua"
rootpw {SSHA}IrKtxIFV+2UbdD8JiL5ZuTsAx/cPuN2h
directory /var/lib/ldap
15. Setting up OpenLDAP (cont.)
● We can now start slapd (Standalone LDAP daemon)
# /etc/init.d/ldap start
● Next step is to add data to the directory using the LDIF
example presented earlier
# ldapadd -D cn=admin,dc=ldap,dc=sjua -W < init.ldif
Enter LDAP Password: xxxxx
adding new entry "dc=ldap,dc=sjua"
adding new entry "ou=WebAdmin,ou=Users,dc=ldap,dc=sjua"
adding new entry "uid=gfrogeadmin,ou=WebAdmin,ou=Users,dc=ldap,dc=sjua"
16. Tunning OpenLDAP
● We need to add additional indexes for performance
index objectclass eq
index cn pres,sub,eq
index sn pres,sub,eq
## required to support pdb_getsampwnam
index uid pres,sub,eq
## required to support pdb_getsambapwrid()
index displayName pres,sub,eq
index uidNumber eq
index gidNumber eq
index loginShell eq
index memberUid eq
index uniqueMember eq,pres
● We need to add ACLs for security
access to attr=userPassword by self write by anonymous auth by * none
access to dn="" by * read
access to *
by self write
by users read
by anonymous auth
17. Tunning OpenLDAP (cont.)
● Setup logging in syslog.conf (default is LOCAL4)
local4.* /var/log/sldap.log
● Make sure ‘slapd’ runs as non privileged user
● Make ‘slapd’ bind to SSL port for security
– need signed certificates with openSSL and modify slapd.conf
TLSCertificateFile /etc/openldap/ldap.sjua.cer
TLSCertificateKeyFile /etc/openldap/ldap.sjua.key
– modify init script to bind to SSL port
/usr/libexec/slapd -h 'ldap://ldap.metaparadigm.com/
ldaps://ldap.metaparadigm.com/'
-l LOCAL4 -u ldap -g ldap
18. LDAP Search Filters
● LDAP uses a simple ‘search filters’ syntax (RFC2254)
● LDAP queries return all attributes of matching entries (or specifically
selected attributes) which match the search filter
LDAP query particles are enclosed within parenthesis in the form of
( attribute <matching rule> value ) ie. (cn=GForge Admin User)
● Matching rules include (=, =~, >=, <=)
● * can be used as a wildcard within the value
● These can be combined together using the boolean operators: and, or
and not (&, |, !) eg:
– (&(cn=GForge Admin User)(objectClass=posixAccount))
– (&(objectClass=inetOrgPerson)(!(ou=People)))
– (|(cn=GForge Admin*)(cn=GForge*))
19. LDAP Search Filters (cont.)
● The following example ldap search retrieves the names and email
address of all users with a givenname of ‘Gforge Admin’ or ‘Orange
Admin’
ldapsearch -xLLL -h ldap.sjua -b ou=Users,dc=ldap,dc=sjua
'(&(|(givenname=GForge Admin)(givenname=Orange Admin))(ob-
jectClass=inetOrgPerson))' cn mail
dn: cn=GForge Admin
User,ou=WebAdmin,ou=Users,dc=ldap,dc=sjua
cn: GForge Admin User
mail: acidumirae@gmail.com
dn: cn=Orange Admin
User,ou=WebAdmin,ou=Users,dc=ldap,dc=sjua
cn: Orange Admin User
mail: aokhotnikov@softjourn.com
● Very easy to incorporate this into shell scripts with awk or sed
20. LDAP Applications
● Authenticate users in web applications
(OrangeHRM, gForge, DokuWiki, etc.)
● Authenticate users in Samba, Apache, ProFTPd, etc.
● Possible NSS (Name Service Switch) integration
● Possible PAM (Pluggable Authentication Module)
● Possible mail routing: Sendmail, Postfix, etc.
● Shared Address Book (Evolution, Mozilla, Outlook,
Eudora, web clients, etc.)
● Programming Libraries (Perl, Java, PHP, etc.)
22. Migration to LDAP
● Padl migration tools
– http://www.padl.com/OSS/MigrationTools.html
– passwd, group, hosts, networks, services, etc…
● We have migrated users from OrangeHRM using
custom PHP scrip that was generating LDIF files
– some issues with Samba – NTPassword is MD4
– minor issues with gForge – multiple
installations(dirty database)
23. Resources
● OpenLDAP: http://openldap.org
● Practical LDAP from Metaparadigm Pte Ltd.
http://gort.metaparadigm.com/ldap/
● Ubuntu Documentation: OpenLDAP Server
https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html
● Ubuntu Documentation: Samba and LDAP
https://help.ubuntu.com/8.10/serverguide/C/samba-ldap.html
● Introduction to LDAP and Single Sign-On
http://tapor.ualberta.ca/Resources/Techdocs/completed/ldappresentation.pdf
● LDAP and Directory Services
http://ldap.mtu.edu/docs/public/mtu_dsinfo/techiefest/techiefest_files/v3_document.htm