Theory and OpenLDAP implementation
This material is distributed under a Creative Commons license (CC BY-SA 3.0 FR)
Attribution - ShareAlike 3.0 France
Learn more at www.opensourceschool.fr
Outline:
1. Introduction
2. Anatomy of an LDAP directory
3. OpenLDAP: An LDAP implementation
4. Lab: Install an OpenLDAP server
5. Working with LDAP servers
6. Extending LDAP
VPNs and network security
Outline:
1. Reverse proxies
2. Varnish overview
3. VCL
4. CLI tools
Installing & Configuring OpenLDAP (Hands On Lab) - Michael Lamont
This document provides instructions on installing and configuring OpenLDAP, an open source LDAP directory service. It discusses downloading and compiling OpenLDAP, editing the main configuration file slapd.conf, starting and stopping the OpenLDAP service, and populating the directory with sample entries using an LDIF file and the ldapmodify tool. The goal is to set up a basic test OpenLDAP directory with entries for people in an organization.
This document discusses managing shared libraries in Linux. It defines shared libraries as common code stored in files called by many programs to reduce duplication. It describes how shared libraries are located, configured, and loaded, including the roles of the ld.so.conf file and ldconfig tool. It also explains how the LD_LIBRARY_PATH environment variable and LD_PRELOAD can specify non-standard library paths or override symbols.
FTP is used to transfer files and can operate as anonymous or require login. News servers allow threaded discussions on topics and FTP, telnet, and terminal services allow remote administration of servers. Streaming media servers transfer video and audio while e-commerce servers focus on online selling and customer communication.
The document outlines a presentation on becoming a "rockstar" with Drupal. It discusses Drupal's large open source community and code base. It covers best practices for code structure, naming conventions, deployment strategies like Features and Configuration Management. It also summarizes caching options like Memcache, Varnish and Boost as well as security practices and the flexibility provided by Drupal's hooks, API and thousands of contributed modules. The presentation concludes with an overview of the command line tool Drush and its uses in deployment, site management and more.
This document discusses managing shared libraries in Linux systems. It defines shared libraries as common code stored in files that are accessed by multiple programs. It describes how shared libraries are located, configured, and loaded, and some key tools used in managing them like ldd, ldconfig, and LD_LIBRARY_PATH. Specific topics covered include library file paths, naming conventions, dependencies between libraries, and ensuring applications can find non-standard library locations.
- Apache Thrift is a cross-language services framework that allows for the easy definition of data types and remote procedure calls (RPCs).
- It uses an interface definition language (IDL) to define data types and services, and generates code in various languages to implement clients and servers.
- Apache Thrift supports a wide range of languages and transports, making it useful for building high-performance, scalable distributed applications and microservices.
OpenLDAP has been replacing proprietary directory server offerings in the private sector, public sector and the financial sector at an increasing pace. This is largely due to its performance and scalability, dynamic configuration capabilities and flexible extensibility via bundled modules.
OpenLDAP would not have earned its place in these sectors without enterprise grade replication options.
In this talk, an overview of the latest production ready OpenLDAP 2.4 replication features will be discussed and the numerous best practice strategies will be presented covering the most common deployment configurations found in the wild.
This document provides step-by-step instructions for installing and configuring the Koha library management system and migrating data. It outlines the process of installing Linux, setting up the required software including Koha, configuring parameters, and importing existing library data. The document is intended as a guide for libraries automating their systems and migrating to Koha.
Postfix is a free and open-source mail transfer agent (MTA) that is commonly used on Linux systems. It handles receiving and delivering email by using several server processes and queues. When receiving mail, Postfix uses smtpd, qmqpd, pickup, and cleanup servers to validate messages and add them to the incoming queue. For delivery, it uses qmgr to route messages from the incoming queue through active delivery agents like smtp, lmtp, local, and virtual to recipients or deferred queue if delivery fails. Postfix prioritizes stability, scalability and security in its flexible and modular design.
This document provides an overview of a Linux fundamentals training course taught by Bui Quang Lam. The course consists of 5 days of presentations, labs, and assignments. Day 1 covers introduction, files, and directories. Day 2 covers user, system, and software management, networking, services, and process management. Days 3-5 involve group assignments, discussions, and tests. The course aims to help students understand basic Linux concepts and be able to perform regular tasks on Linux servers and learn trending technologies like AWS, Azure, and DevOps.
The document discusses three major secure network protocols: IPSec, TLS, and DNSSEC. It provides an overview of how each protocol operates and establishes secure connections. IPSec operates at the network layer and can secure communication between hosts or tunnel traffic through gateways. TLS secures connections at the transport layer, typically for HTTPS. DNSSEC adds security extensions to DNS to provide authentication and integrity for domain name lookups.
This document summarizes Linux TCP/IP tuning techniques for optimizing real-time communication. It discusses adjusting interrupts, transmission/receiving queues, socket buffer sizes, protocol parameters, port ranges, shell limits, packet marking, traffic control, connection tracking, and more. The goal is to configure these various network parameters together to ensure high availability, media quality with low delay, jitter and packet loss for signaling and media packets. Proper testing and measurement tools are also needed to validate any tuning changes.
SophiaConf2010 Presentation of lessons learned from the conference of 08 ... - TelecomValley
SophiaConf2010 Presentation of lessons learned from the conference of 08 July - HTML 5, a contemporary platform for the Web: Stefano Crosta, Chief Technical Officer of SLICE FACTORY; Raphaël Troncy, Associate Professor at Eurecom.
The document provides an overview of LAMP technology, which refers to a group of open-source software used to build dynamic web sites and applications. It describes the core components of LAMP - Linux as the operating system, Apache as the web server, MySQL as the database management system, and PHP as the programming language. It then discusses each component in more detail and provides examples of commands and basic usage.
Apache Thrift: One Stop Solution for Cross Language Communication - Piyush Goel
Apache Thrift is a framework for cross-language communication that supports RPC. It was developed by Facebook and entered Apache incubation in 2008. Thrift supports languages like C++, Java, Python, PHP, Ruby, and others. It provides a type system, transport layer, protocol layer, processors, and servers to enable cross-language communication and RPC. Companies like Capillary use Thrift for tasks like processing business rules with PHP-Java communication and sending promotional SMS from a Java system.
This document discusses Linux file systems and partitioning. It covers commands used to create partitions like fdisk and mkfs, as well as filesystem types like ext3. It also discusses creating and managing swap spaces. The key points are that Linux uses mkfs to format partitions, fdisk to create partitions, and mkswap to initialize swap spaces which are then activated with swapon.
[HKDUG] #20161210 - BarCamp Hong Kong 2016 - What's News in PHP? - Wong Hoi Sing Edison
Edison Wong gave a presentation on recent developments in PHP, Drupal, and related tools. He discussed new features in PHP 7.1 like nullable types and catch multiple exceptions. He also covered PHP-FIG standards like PSR-4 autoloading, the Composer dependency manager, new features in Symfony 3.2 like runtime environment variables, and improvements to content authoring in Drupal 8.2 like moderation tools. The talk provided an overview of updates across the PHP ecosystem for web developers.
This document discusses linking software project and distribution metadata using RDF to improve traceability. It describes current issues with duplication and lack of interoperability. The approach presented extracts metadata from various projects and distributions and stores it in a Virtuoso triplestore to allow semantic queries across projects. Examples demonstrate matching packages between Debian and Apache projects based on homepage URLs. The document also outlines ongoing work to add RDF/Linked Data to additional systems like Debian and FusionForge.
Images of 1st, 2nd and 6th belong to DreamWorks Animation
Image of K Computer belongs to Fujitsu.
Presentation made not for commercial use, but educational.
This document provides an overview and summary of Apache 2.2 configuration including:
1) Apache release statuses and where development is focused;
2) Common configuration directives like Listen, DocumentRoot, and VirtualHosts;
3) Tips for modularizing configuration using Include directives and separating into files.
This document discusses Linux file systems and creating partitions and filesystems in Linux. It covers the following key points:
1. Linux supports various filesystems like ext2, ext3, xfs, and ReiserFS that can be created using mkfs. Swap spaces are created with mkswap.
2. Partitions and filesystems can be created using tools like fdisk, cfdisk, and gpart. Filesystem types include ext3, xfs, FAT, etc.
3. The Filesystem Hierarchy Standard defines the directory structure and recommended layout of files on Linux systems with directories like /bin, /etc, /home, /usr, /var, etc.
White Paper: Perforce Administration Optimization, Scalability, Availability ... - Perforce
The document summarizes the steps taken by MathWorks to optimize the scalability, availability, and reliability of their Perforce configuration management system as their user base grows. Key points include using proxies, anycast routing, replication, and load balancing techniques like p4broker to minimize downtime and improve response times while supporting more maintenance tasks. The architecture overview shows proxies routing requests to a p4broker which distributes work to a master Perforce server and replicated servers. Monitoring is used to identify bottlenecks and deploy additional proxies or replicas as needed.
This document provides an overview of an LDAP system administration course. The instructor has technical certifications and experience. The course covers LDAP basics in Part I, including concepts like schemas, referrals, replication, and using OpenLDAP. Part II focuses on application integration, covering topics like replacing NIS, email integration, and developing LDAP management tools in Perl. Part III contains appendixes with LDAP standards references. The course uses hands-on examples and focuses on practical experience with an LDAP directory.
This document provides summaries of common Linux commands, including ls, mkdir, cd, rmdir, rm, cp, mv, touch, echo, head, tail, less, more, grep, find, man, wc, pipe (|), cat, and mv. It describes the basic syntax and common examples for using each command to list, create, delete, copy, move, view, and filter files and directories from the command line.
mod_ftp is a module for Apache HTTP Server that implements the File Transfer Protocol (FTP) within the Apache architecture. It leverages Apache's flexibility to serve FTP alongside HTTP and HTTPS from the same server instance. mod_ftp supports key FTP features like SSL/TLS encryption, authentication, dynamic content, and logging while integrating with the Apache ecosystem. The document provides an overview of mod_ftp's capabilities and includes a sample configuration.
This presentation was shown at Spring Framework Meeting 2009 in Rome (Lazio - Italy) - 31st October 2009.
http://www.open4dev.com/journal/2009/10/26/spring-framework-meeting-2009-rome.html
Abstract:
Spring LDAP basics: how to start to use the LdapTemplate in your custom J2EE application. This how-to will show you how to bind, unbind, search and authenticate users in your LDAP using the LdapTemplate provided by Spring.
Open LDAP as a directory service is a system for storing and retrieving information in a tree-like structure with the following key properties:
- Optimized for reading
- Distributed storage model
- Extensible data storage types
- Advanced search capabilities
- Consistent replication possibilities
Open for Business Open Archives, OpenURL, RSS and the Dublin Core - Andy Powell
UKOLN is supported by various open standards and protocols to facilitate digital information management, including OpenURL, RSS, Dublin Core, and the OAI Protocol for Metadata Harvesting. Andy Powell from UKOLN gave a presentation on using these standards to integrate resources from multiple content providers and enable user-focused discovery and access across heterogeneous collections. The presentation provided an overview of each standard and how they address issues like joining up discovery services with delivery of appropriate copies.
SWORD is a protocol for depositing content into repositories. It is a lightweight profile of the Atom Publishing Protocol that defines a set of mandatory and optional parameters for repository deposit. The SWORD protocol has been implemented in several repositories including DSpace, EPrints, IntraLibrary and Fedora. It also has several Java client implementations. SWORD aims to provide a standard way for content to be deposited into repositories from a variety of sources through a simple web service interface.
Frances McNamara - Kuali OLE Implementation at University of Chicago - Kuali Days UK
Presented by Frances McNamara, Director, Integrated Library Systems and Administrative and Desktop Systems at the University of Chicago at the Kuali Days UK conference, 29 October 2013.
Producing, publishing and consuming linked data - CSHALS 2013 - François Belleau
This document discusses lessons learned from the Bio2RDF project for producing, publishing, and consuming linked data. It outlines three key lessons: 1) How to efficiently produce RDF using existing ETL tools like Talend to transform data formats into RDF triples; 2) How to publish linked data by designing URI patterns, offering SPARQL endpoints and associated tools, and registering data in public registries; 3) How to consume SPARQL endpoints by building semantic mashups using workflows to integrate data from multiple endpoints and then querying the mashup to answer questions.
Fedora is an open-source digital object repository system that provides persistent storage and delivery of digital content. It is implemented as a set of Java services and stores content and associated metadata in XML files. The repository can scale to support millions of objects and provides features such as versioning, audit trails and triple store capabilities through integrated systems like Mulgara.
Give a REST to your LDAP directory services - LDAPCon
This document introduces RESTful APIs as an alternative to traditional LDAP and DSML protocols for accessing directory services like OpenDJ. It describes how RESTful APIs using HTTP, JSON, and CRUD operations can provide a loosely coupled and scalable way to access directory data and services. The document then provides details on OpenDJ's implementation of REST to LDAP, including running it embedded in OpenDJ or as a standalone gateway. It demos the RESTful APIs and compares them to the SCIM standard. Finally, it encourages adopting RESTful approaches and provides contact information.
Linked Data at the Open University: From Technical Challenges to Organization... - Mathieu d'Aquin
The first school 100% dedicated to open source
Open Source School was founded on the initiative of Smile, a leader in open source integration and managed services, and EPSI, a private institution that pioneered higher education in computer science.
As part of the Programme d'Investissements d'Avenir (PIA), the French government decided to support the creation of this school by granting it initial funding of €1.4M, and confirms its commitment to supporting the free software sector, which is currently growing rapidly.
With annual growth of more than 10% and 4,000 vacant positions each year in the free software sector, OSS intends to address the sector's skills shortage by mobilizing the whole ecosystem and offering the widest range of training in open source technologies, in both initial and continuing education.
Training for full employment!
Continuing education
Open Source School "Executive Education" is a training organization that offers a catalogue of more than 200 professional training courses and various retraining schemes enabling a return to employment (POE) or better employability for many IT professionals.
For enquiries: formations@opensourceschool.fr
Initial education
100% free software and 100% work-study, the Open Source School curriculum is based on EPSI's framework of skill blocks.
It leads to a level I RNCP qualification, Bac+5.
The programme is offered on 6 campuses: Bordeaux, Lille, Lyon, Montpellier, Nantes, Paris.
5. Introduction Anatomy of a LDAP directory OpenLDAP: A LDAP implementation Lab : Install an OpenLDAP server Working wit
Plan
1 Introduction
2 Anatomy of a LDAP directory
3 OpenLDAP: A LDAP implementation
4 Lab : Install an OpenLDAP server
5 Working with LDAP servers
6 Extending LDAP
www.opensourceschool.fr – Licence Creative Commons (CC BY-SA 3.0 FR) – 2/62
Introduction
Directories
What is a Directory?
The simple answer
Large information base, mostly for read access
Directory Examples
A few examples
People: white pages
Organizations: yellow pages
Computers: DNS
A Directory: what for?
Authentication and authorization on systems or applications
Group maintenance
Privilege maintenance
Address books
Organization chart
...
History of LDAP
History of LDAP: The Genesis
The X500 standards
Created in the 80s, based on 70 years of electronic directories from telephone companies
X500 directories are supposed to be accessed using the Directory Access Protocol (DAP)
Problem: DAP was based on the OSI stack, which never really took off
Lightweight DAP (LDAP) was created to access directories over the TCP/IP stack
History of LDAP: Standardization
LDAP became an IETF (Internet Engineering Task Force) standard in 1997
Now, most servers only do LDAP
OpenLDAP (the reference)
Netscape Directory Server (the dinosaur)
SunONE
389 Directory Server
Apache Directory Server, OpenDS (the youngsters)
Microsoft Active Directory (the ugly)
Current protocol version: LDAP v3
LDAP v2 deprecated since 2003
Anatomy of a LDAP directory
Directory Information Tree
LDAP = access protocol, but what do we access?
X500 standard: The Directory: Overview of concepts, models and services
X500 is based around a single Directory Information Tree
Hierarchical structure
Has a root
Every entity can be a node or a leaf
Each entity has only one path
DIT Structure
In a branch, an entity is known by its Relative Distinguished Name (RDN)
In the whole directory, it is known by its Distinguished Name (DN)
The DN is simply a comma-separated list of the RDNs of all nodes on its (unique) path
LDAP Entities
LDAP Entities: Common properties
Object orientation (classes, attributes, objects, inheritance, etc.)
Attributes are defined by a schema
The schema itself is hierarchical through inheritance, but the schema hierarchy has nothing to do with the object hierarchy (DIT)
Values are strongly typed
Standard classes and attributes are directory-oriented
LDAP Entities: Classes
Single inheritance
Class types
Abstract
Structural: defines the meaning of the object
Auxiliary: allows adding attributes to an object (composition)
Classes are lists of attributes
Mandatory attributes
Optional attributes
LDAP Entities: Attribute
Single inheritance
Example: the surname attribute type inherits from the name attribute type
Defined outside the class
Can be used by different classes
May have multiple names
Usually a short and a long name
Example: commonName and cn
Can be multi-valued
Single-valued: first name, UID
Multi-valued: group membership, email aliases
LDAP Entities: Attribute syntax
Syntax: defines the attribute type
Integer
String (UTF-8 only)
Telephone Number
Date
Binary data
Standardized on a specific tree
Example OID (Object ID): 1.3.6.1.4.1.1466.115.121.1.15
http://www.rfc-editor.org/rfc/rfc2252.txt
LDAP Entities: Matching rule
Matching rule on attribute value
Defines how values are compared
For equality or substrings
Sorting
Examples:
caseExactMatch (toto == toto)
caseIgnoreMatch (toto == ToTO)
telephoneNumberMatch (04 99 77 20 19 == 04-99-77-20-19)
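
The three matching rules named above, as an added example that is not part of the original slides: simplified Python versions of the comparisons (after RFC 4517/4518), applied per attribute type, so that an application's own `==` check can be compared with what the directory considers equal. The function names, the `EQUALITY` table and the sample entry are constructed for illustration.

```python
"""Simplified LDAP equality matching rules (after RFC 4517 / RFC 4518)."""
import unicodedata


def prepare(value, fold_case):
    """Simplified string preparation: NFKC normalization, optional case
    folding, then trim and collapse runs of whitespace."""
    text = unicodedata.normalize('NFKC', value)
    if fold_case:
        text = text.casefold()
    return ' '.join(text.split())


def case_exact_match(a, b):
    return prepare(a, False) == prepare(b, False)


def case_ignore_match(a, b):
    return prepare(a, True) == prepare(b, True)


def telephone_number_match(a, b):
    """Like caseIgnoreMatch, but every space and hyphen is ignored."""
    def significant(value):
        return prepare(value, True).replace(' ', '').replace('-', '')
    return significant(a) == significant(b)


# Equality rule per attribute type, as declared in the standard schema (RFC 4519).
EQUALITY = {
    'cn': case_ignore_match,
    'uid': case_ignore_match,
    'telephonenumber': telephone_number_match,
}


def entry_matches(entry, attr, asserted):
    """Evaluate the equality filter (attr=asserted) against a multi-valued entry."""
    rule = EQUALITY[attr.lower()]
    for name, values in entry.items():
        if name.lower() == attr.lower():
            return any(rule(value, asserted) for value in values)
    return False


def colliding_values(values, rule):
    """Group values that the directory would treat as one and the same value."""
    groups = []
    for value in values:
        for group in groups:
            if rule(group[0], value):
                group.append(value)
                break
        else:
            groups.append([value])
    return [group for group in groups if len(group) > 1]


# Constructed sample entry (uid and phone number reuse the values on the slides).
ENTRY = {'uid': ['bejac'], 'cn': ['Bejac  Example'],
         'telephoneNumber': ['04 99 77 20 19']}

if __name__ == '__main__':
    print(entry_matches(ENTRY, 'UID', 'BEJAC'))                    # True
    print(entry_matches(ENTRY, 'telephoneNumber', '0499772019'))   # True
    print(colliding_values(['admin', 'Admin ', 'bob'], case_ignore_match))
```

An application that compares `uid` values with a plain string comparison will treat `admin` and `Admin ` as two accounts, while the directory treats them as one; running candidate values through `colliding_values` before an import shows such pairs.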
LDAP Entities: Object structure
Object
Instances of one or more classes (object composition)
Can only have one structural class
And as many auxiliary classes as wanted
Example: person, posixAccount, sambaAccount
LDAP Entities: Object definition
Object Definition
Have a special “objectClass” attribute
Defines which classes the object belongs to
All objects must have at least one objectClass
“objectClass” does not belong to any class
The RDN of the object is one of its attributes
Format: attr name=value
Examples
User: uid=bejac
Computer: hostname=myserver
Example DN
dn: uid=bejac,department=DT,locality=levallois,organization=smile
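
The DN rules from the "DIT Structure" and "Object definition" slides, as an added example that is not part of the original slides: a DN is split into RDNs on unescaped commas, and a value that comes from user input is escaped (RFC 4514) before it is placed in a DN, so that a comma inside the value stays data instead of becoming an extra level of the path. The function names and the hostile sample value are constructed for illustration; multi-valued RDNs are rejected rather than parsed.

```python
"""Split, parse and build LDAP distinguished names in string form (RFC 4514)."""
import string

# Characters RFC 4514 requires to be backslash-escaped anywhere in a value.
ALWAYS_ESCAPED = '"+,;<>\\'


def escape_rdn_value(value):
    """Escape an attribute value so it can be placed safely inside a DN."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == '\x00':
            out.append('\\00')
        elif (ch in ALWAYS_ESCAPED
              or (i == 0 and ch in ' #')       # leading space or '#'
              or (i == last and ch == ' ')):   # trailing space
            out.append('\\' + ch)
        else:
            out.append(ch)
    return ''.join(out)


def unescape_rdn_value(raw):
    """Reverse escape_rdn_value; also accepts the backslash + hex-pair form."""
    out = bytearray()
    i = 0
    while i < len(raw):
        if raw[i] != '\\':
            out += raw[i].encode('utf-8')
            i += 1
            continue
        pair = raw[i + 1:i + 3]
        if len(pair) == 2 and all(c in string.hexdigits for c in pair):
            out.append(int(pair, 16))
            i += 3
        elif i + 1 < len(raw):
            out += raw[i + 1].encode('utf-8')
            i += 2
        else:
            raise ValueError('dangling backslash in %r' % raw)
    return out.decode('utf-8')


def split_unescaped(text, sep):
    """Split text on sep, ignoring separators preceded by a backslash."""
    parts, current, i = [], [], 0
    while i < len(text):
        if text[i] == '\\' and i + 1 < len(text):
            current.append(text[i:i + 2])   # keep the escape for later decoding
            i += 2
        elif text[i] == sep:
            parts.append(''.join(current))
            current = []
            i += 1
        else:
            current.append(text[i])
            i += 1
    parts.append(''.join(current))
    return parts


def parse_dn(dn):
    """Return [(attribute, value), ...] from the entry's own RDN up to the root."""
    rdns = []
    for rdn in split_unescaped(dn, ','):
        if len(split_unescaped(rdn, '+')) > 1:
            raise ValueError('multi-valued RDN not handled here: %r' % rdn)
        attr, sep, raw = rdn.lstrip().partition('=')
        if not sep or not attr.strip():
            raise ValueError('not an attr=value pair: %r' % rdn)
        rdns.append((attr.strip(), unescape_rdn_value(raw)))
    return rdns


def build_dn(attr, value, parent_dn):
    """Prepend the RDN attr=value to parent_dn, escaping the value."""
    return '%s=%s,%s' % (attr, escape_rdn_value(value), parent_dn)


# DN taken from the slide; the hostile value below is constructed.
PAGE_DN = 'uid=bejac,department=DT,locality=levallois,organization=smile'
PARENT_DN = 'department=DT,locality=levallois,organization=smile'
HOSTILE_UID = 'bejac,department=admins'

if __name__ == '__main__':
    print(parse_dn(PAGE_DN))
    naive = 'uid=' + HOSTILE_UID + ',' + PARENT_DN    # plain string concatenation
    print(len(parse_dn(naive)), 'RDNs:', naive)       # 5: an extra level appears
    safe = build_dn('uid', HOSTILE_UID, PARENT_DN)
    print(len(parse_dn(safe)), 'RDNs:', safe)         # 4: the comma stays data
```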
LDAP vs RDBMS
Why choose LDAP over a RDBMS
Standard protocol
All databases have different access protocols
SQL is NOT an access protocol
Many LDAP implementations
Very rich on data validation and structure
Native structure is close to most organizations' structure
Hierarchical
Very fast reads
Efficient lookup of different objects with common attributes
Usually does not require adaptation of the directory to an application
Standard schemas and classes offer a wide range of common use cases.
However, LDAP is not recommended if
It is only used for one application
There are many relations between objects
There are lots of edits/inserts/deletes
Standard object classes
Standard object classes: inetOrgPerson
inetOrgPerson: user accounts in a company
Standard object classes: groupOfNames
groupOfNames: groups
Standard object classes: organizationalUnit
organizationalUnit: branches
33. Introduction Anatomy of a LDAP directory OpenLDAP: A LDAP implementation Lab : Install an OpenLDAP server Working wit
OpenLDAP: A LDAP implemen
www.opensourceschool.fr – Licence Creative Commons (CC BY-SA 3.0 FR) – 30/62
34. Introduction Anatomy of a LDAP directory OpenLDAP: A LDAP implementation Lab : Install an OpenLDAP server Working wit
OpenLDAP
OpenLDAP is a software project that provides
A LDAP server : slapd
A LDAP client library : libldap
Command line LDAP tools : ldap-utils
Setting up slapd
On Debian
aptitude install slapd
/etc/init.d/slapd stop
rm -rf /etc/ldap/slapd.d
cp /usr/share/doc/slapd/examples/slapd.conf /etc/ldap
In /etc/ldap/slapd.conf
Replace @BACKEND@ with hdb
Replace @SUFFIX@ with dc=lxc
Replace @ADMIN@ with cn=admin, dc=lxc
Comment out rootdn
Add the following line below rootdn
rootpw "admin"
/etc/init.d/slapd start
Setting up slapd
Config directory (/etc/ldap/slapd.d)
All config edits must be done through LDAP operations
Harder to maintain
Powerful
Don’t use it if you’re not extremely familiar with OpenLDAP
Config file (/etc/ldap/slapd.conf)
Easier to maintain (in only one place)
Edits via any text editor
Setting up slapd
Useful config file parameters
suffix : base of your DIT
rootdn/rootpw : admin credentials
ACLs
access to *
    by dn="cn=admin,dc=mondomain" write
    by * read
admin can write everything
everybody else can only read
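The lab settings above keep rootpw in cleartext, and the catch-all ACL gives every client, anonymous ones included, read access to every attribute, userPassword among them. The following check is an added example, not part of the original slides: the function names and both sample configurations are constructed for illustration, and the hashed value is a placeholder for the output of slappasswd.

```python
import re

# Constructed sample: the lab settings from the slides.
LAB_CONF = '''
rootdn  "cn=admin,dc=lxc"
rootpw  "admin"
access to *
    by dn="cn=admin,dc=lxc" write
    by * read
'''
# Constructed sample: hashed rootpw (placeholder, not a real hash) and a
# userPassword rule placed before the catch-all rule.
HARDENED_CONF = '''
rootdn  "cn=admin,dc=lxc"
rootpw  {SSHA}PLACEHOLDER_OUTPUT_OF_SLAPPASSWD
access to attrs=userPassword
    by self write
    by anonymous auth
    by * none
access to *
    by dn="cn=admin,dc=lxc" write
    by * read
'''

def directives(text):
    """Logical lines: comment lines dropped, indented continuation lines joined."""
    text = re.sub(r"(?m)^#.*\n?", "", text)
    return [d.strip() for d in re.sub(r"\n[ \t]+", " ", text).splitlines() if d.strip()]

def audit(text):
    """Return findings for a cleartext rootpw and an exposed userPassword."""
    findings, password_rule = [], False
    for d in directives(text):
        words = d.split()
        if words[0] == "rootpw" and len(words) > 1:
            # A hashed value starts with its scheme, e.g. {SSHA}
            if not re.match(r"\{[\w-]+\}", words[1].strip('"')):
                findings.append("rootpw is stored in cleartext")
        elif words[:2] == ["access", "to"] and len(words) > 2:
            # slapd applies the first matching rule, so order matters
            if "userpassword" in words[2].lower():
                password_rule = True
            elif words[2] == "*" and not password_rule and re.search(r"by \* (read|write)", d):
                findings.append("catch-all ACL lets everyone read userPassword")
    return findings
```
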
LDAP Clients
Desktop clients :
JXPlorer:
Uses Java libraries to connect, so you can check that your Java apps will have working LDAP
http://www.jxplorer.org/
Apache Directory Studio:
RCP (based on Eclipse)
Intended to be used with ApacheDS
Great for any other server too
http://directory.apache.org/studio/
Or as an Eclipse plugin :
http://directory.apache.org/studio/update/1.x
LDAP Clients
phpLDAPAdmin:
Web client
Uses a templating system to ease entry administration
Very customizable, great for integration as an easy admin tool for a client
Nice schema browser
Installation
PHP 5 LDAP + Debian :
# aptitude install php5-ldap phpldapadmin
Lab : Install an OpenLDAP server
Practice
Install OpenLDAP
Create two branches
Create two users in one of the branches
In the other branch, create a group for the two users
Working with LDAP servers
Data modification with LDIF
The LDIF format 1/5
LDIF = LDAP Directory Interchange Format
Serialized data format for exchange of information between directories
Standard, does not depend on a particular directory (but its content can)
Similar in purpose to SQL
Knowledge of this format is mandatory when working with LDAP
man ldif
Two types of records
Entry record
Contains an image of the data
Change record
Contains a set of operations to perform
The LDIF format 2/5
Entry LDIF
Describes data from a directory (import/export)
Format
Simple and understandable by both computers and humans (take that, XML!)
ASCII (no funny characters)
Syntax:
Entities are separated by a blank line
One attribute per line
attribute name: value
if the value can be encoded as an ASCII string (numbers, ASCII strings, etc.)
attribute name:: base 64 value
if the value cannot be encoded as ASCII (UTF-8 string, binary data)
The LDIF format 3/5
Entry LDIF example
dn: uid=mapal,ou=people,dc=smile,dc=fr
objectClass: inetOrgPerson
uid: mapal
cn: Marc Palazon
sn: Palazon

dn: uid=cychi,ou=people,dc=smile,dc=fr
objectClass: inetOrgPerson
uid: cychi
cn: Cyrille Chignardet
sn: Chignardet
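A small reader for entry records makes the syntax rules above concrete: blank-line separation, "name: value" against "name:: base64", plus line folding and comment lines, which the slides do not cover. This is an added example, not part of the original slides; parse_ldif and the second sample entry are constructed for illustration.

```python
import base64
# Constructed sample: the slide's first entry, then an entry with a base64 value and a folded line.
SAMPLE = """\
dn: uid=mapal,ou=people,dc=smile,dc=fr
objectClass: inetOrgPerson
uid: mapal
cn: Marc Palazon
sn: Palazon

dn: uid=cedur,ou=people,dc=smile,dc=fr
objectClass: inetOrgPerson
uid: cedur
cn:: Q8OpY2lsZSBEdXJhbmQ=
sn: Durand
description: head of the sales depart
 ment
"""

def parse_ldif(text):
    """Return [(dn, {attribute: [values]})] for the entry records in text."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:    # folded line: continues the previous one
            lines[-1] += raw[1:]
        elif not raw.startswith("#"):        # comment lines are dropped
            lines.append(raw)
    entries, dn, attrs = [], None, {}
    for line in lines + [""]:                # the extra "" flushes the last record
        if not line.strip():                 # a blank line ends a record
            if dn is not None:
                entries.append((dn, attrs))
            dn, attrs = None, {}
            continue
        name, sep, rest = line.partition(":")
        if not sep:
            raise ValueError(f"not an attribute line: {line!r}")
        if rest.startswith(":"):             # "name:: value" carries base64
            raw_value = base64.b64decode(rest[1:].strip())
            try:
                value = raw_value.decode("utf-8")
            except UnicodeDecodeError:       # binary data stays as bytes
                value = raw_value
        else:
            value = rest.strip()
        if name.lower() == "dn" and dn is None:
            dn = value
        else:
            attrs.setdefault(name, []).append(value)
    return entries
```
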
The LDIF format 4/5
Change LDIF
Only modifications
Modifications are separated by a line containing only a - (dash)
New attributes can be used to describe operations
Syntax
changetype: modify
add, replace, delete attribute
add:
replace:
delete:
changetype: delete
Delete object
changetype: modrdn
Rename object
newrdn:
newsuperior:
The LDIF format 5/5
Change LDIF example
dn: cn=Babs Jensen,dc=example,dc=com
changetype: modify
add: givenName
givenName: Barbara
givenName: babs
-
replace: description
description: the fabulous babs
-
delete: sn
sn: jensen
-

dn: cn=Babs Jensen,dc=example,dc=com
changetype: modrdn
newrdn: cn=Barbara J Jensen
newsuperior: ou=People,dc=example,dc=com

dn: cn=Barbara J Jensen,ou=People,dc=example,dc=com
changetype: delete
Data retrieval with searches
LDAP searches 1/2
4 elements are needed (base, scope, filter and attributes)
base
Node of the DIT under which search will occur
scope
sub: all objects under the base
base: only the base itself
one: only its immediate children (but not the node itself)
LDAP searches 2/2
Filter
Basic expression: attribute=value
* is used for “any value” or substring matching
Examples:
cn=admin
cn=admi*
cn=*
Can use logic operators
AND (&), OR (|) , NOT (!)
Polish notation + parentheses = “I Can’t Believe It’s Not Lisp!” :
(&(attr1=val1)(attr2=val2))
(&(attr3=val3)(|(attr1=val1)(attr2=val2)))
Attributes
Attributes to return from results (all by default)
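The prefix notation is easiest to follow once it is parsed and evaluated. The sketch below is an added example, not part of the original slides, and it goes one step beyond them: because *, ( and ) are filter syntax, a value taken from user input must be escaped (RFC 4515) before it is placed in a filter. It handles only equality, presence and substring items, matches case-insensitively as a simplification, and all names and sample entries are constructed.

```python
import re

ENTRIES = [  # constructed sample directory: attribute -> list of values
    {"uid": ["mapal"], "cn": ["Marc Palazon"], "ou": ["people"]},
    {"uid": ["cychi"], "cn": ["Cyrille Chignardet"], "ou": ["people"]},
    {"uid": ["admin"], "cn": ["admin"], "ou": ["system"]},
]

def escape_value(value):
    """RFC 4515: backslash, *, ( ) and NUL in a value become \\XX hex pairs."""
    return "".join(f"\\{ord(c):02x}" if c in "\\*()\0" else c for c in value)

def unescape(text):
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), text)

def parse(f, i=0):
    """Parse the parenthesised filter starting at f[i]; return (tree, next index)."""
    if f[i] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if f[i] in "&|!":                      # operator first, operands follow
        op, operands = f[i], []
        i += 1
        while f[i] == "(":
            node, i = parse(f, i)
            operands.append(node)
        tree = (op, operands)
    else:                                  # simple item: attribute=value
        end = f.index(")", i)
        attr, _, pattern = f[i:end].partition("=")
        tree, i = ("=", attr, pattern), end
    if f[i] != ")":
        raise ValueError(f"expected ')' at offset {i}")
    return tree, i + 1

def matches(tree, entry):
    if tree[0] == "&":
        return all(matches(t, entry) for t in tree[1])
    if tree[0] == "|":
        return any(matches(t, entry) for t in tree[1])
    if tree[0] == "!":
        return not matches(tree[1][0], entry)
    # Each unescaped * is a wildcard; matching is case-insensitive here.
    rx = ".*".join(re.escape(unescape(p)) for p in tree[2].split("*"))
    return any(re.fullmatch(rx, v, re.I) for v in entry.get(tree[1], []))

def search(filter_text):
    tree, _ = parse(filter_text + "\0")    # NUL sentinel: truncated input raises ValueError
    return [e["uid"][0] for e in ENTRIES if matches(tree, e)]
```
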
OpenLDAP client tools
ldapsearch
-H <url> (ldap:// or ldaps://)
-x : skip SASL and use simple authentication
-D <user DN>
-w <password> (-W to prompt)
-b <base>
-s <base|one|sub> (scope)
<filter>
<attributes>
ldapmodify
Same parameters to specify the connection
-a (add new entries) = ldapadd
-f <ldif file>
OpenLDAP server tools
Careful: they alter the database directly
Stop the server first!
Directory export (incl. metadata)
slapcat > export.ldif
Directory import
slapadd -l import.ldif
If you want to re-import everything:
First delete /var/lib/ldap/*
Always run slapadd as the openldap user
Extending LDAP
Schemas
LDAP schemas 1/4
Every element (syntax, attribute, class, rule) has an Object IDentifier (OID)
The OID tree is a worldwide hierarchical database using the ASN.1 format
Example: 1.3.6 = iso.org.dod
It has nothing to do with the DIT or the objectClass hierarchy
Regulated by the Internet Assigned Numbers Authority (IANA)
Anybody can get a Private Enterprise Number from IANA
Register at http://pen.iana.org/pen/PenApplication.page
See: http://www.iana.org/assignments/enterprise-numbers
Prefix for PEN: 1.3.6.1.4.1
Smile: 1.3.6.1.4.1.37413
Browse the OID tree at http://www.oid-info.com/
You can also use 2.999, intended for documentation
LDAP schemas 2/4
Defining a class
RFC4512 Object Class Description
ObjectClassDescription = "(" whsp
    numericoid whsp       ; ObjectClass identifier
    [ "NAME" qdescrs ]
    [ "DESC" qdstring ]
    [ "OBSOLETE" whsp ]
    [ "SUP" oids ]        ; Superior ObjectClasses
    [ ( "ABSTRACT" / "STRUCTURAL" / "AUXILIARY" ) whsp ] ; default structural
    [ "MUST" oids ]       ; AttributeTypes
    [ "MAY" oids ]        ; AttributeTypes
    whsp ")"
Example:
objectclass ( 2.5.6.6 NAME 'person'
    DESC 'RFC2256: a person'
    SUP top STRUCTURAL
    MUST ( sn $ cn )
    MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
LDAP schemas 3/4
Defining an attribute
RFC4512 Attribute Type Description
AttributeTypeDescription = "(" whsp
    numericoid whsp                ; AttributeType identifier
    [ "NAME" qdescrs ]             ; name used in AttributeType
    [ "DESC" qdstring ]            ; description
    [ "EQUALITY" woid ]            ; Matching Rule name
    [ "ORDERING" woid ]            ; Matching Rule name
    [ "SUBSTR" woid ]              ; Matching Rule name
    [ "SUP" woid ]                 ; derived from this other AttributeType
    [ "SYNTAX" whsp noidlen whsp ] ; Syntax OID
    [ "SINGLE-VALUE" whsp ]        ; default multi-valued
    whsp ")"
Example:
attributetype ( 2.5.4.17 NAME 'postalCode'
    DESC 'RFC2256: postal code'
    EQUALITY caseIgnoreMatch
    SUBSTR caseIgnoreSubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
LDAP schemas 4/4
OpenLDAP schemas
Flat files in /etc/ldap/schema
include in slapd.conf
Examples:
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
How to design your DIT
You need a deep understanding of how the directory will be used
Many possibilities
You can use attributes, groups or structure to make sense of the data
Simple model: one branch for people, one branch for groups
OU model:
Example: by business unit
Example: by activity (sales, production...)
Example: by hierarchy
Geographical model (by location...)