Upgrade to Pro — share decks privately, control downloads, hide ads and more …

App::LDAP - 管理者と百台のコンピュータ #YAPC::Asia 2012

Avatar for shelling shelling
September 30, 2012
Technology
600
2

App::LDAP - 管理者と百台のコンピュータ #YAPC::Asia 2012

Introduction to App::LDAP, YAPC::Asia 2012

Avatar for shelling

shelling

September 30, 2012

More Decks by shelling

See All by shelling
Distributed Storage for Web Applications
Avatar for shelling shelling
3
790

Other Decks in Technology

See All in Technology
もりもり新機能を一挙紹介! AgentCoreに入門して、AWS上にAIエージェントを構築しよう
Avatar for みのるん minorun365
PRO
6
630
ITエンジニアを取り巻く環境とキャリアパス / A career path for Japanese IT engineers
Avatar for 高玉 広和 / TAKATAMA Hirokazu takatama
4
1.8k
ルールやカスタム機能、どう使う?理想の出力を引き出すために今知りたいIBM Bob 5つの機能
Avatar for mu (Mizuho Uehara) muehara
0
180
ポスター発表&デモと総括 / Poster Presentations & Demonstrations and Summary
Avatar for Kenji Saito ks91
PRO
0
180
Platform Engineering as a Product: Criteria for Improvement and Multi-Tenant Design
Avatar for Kumo Ishikawa kumorn5s
0
460
「気づいたら仕事が終わっている」バクラクAIエージェント本番運用の裏側 / layerx-bakuraku-aie2026
Avatar for Yuya Matsumura yuya4
6
4.3k
エンジニアは生成AIと どのように向き合うべきか? ことばの意味という観点から
Avatar for Hitomi Yanaka verypluming
3
320
Oracle AI Database@Azure:サービス概要のご紹介
Avatar for oracle4engineer oracle4engineer
PRO
6
1.8k
AIガバナンス実践 - 生成AIコネクタのデータ漏洩リスクと実務対策
Avatar for 西岡 賢一郎 (Kenichiro Nishioka) knishioka
0
160
TypeScript Compiler APIとPHP-Parserを活用し、TypeScriptとPHPで型を共有する
Avatar for did0es shuta13
0
320
AI Engineering Summit Tokyo 2026 AIの前に、やることがある 〜医療データ企業の4フェーズ〜
Avatar for Daisuke Taniwaki dtaniwaki
0
450
イベントストーミングとKiroの仕様駆動開発で実現する要件の認識合わせプロセス
Avatar for syobochim syobochim
7
1k

Featured

See All Featured
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
35
2.5k
State of Search Keynote: SEO is Dead Long Live SEO
Avatar for Ryan Jones ryanjones
0
200
Sharpening the Axe: The Primacy of Toolmaking
Avatar for Bryan Cantrill bcantrill
46
2.8k
Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI
Avatar for David Carrasco davidcarrasco
0
150
GitHub's CSS Performance
Avatar for Jon Rohan jonrohan
1033
470k
We Are The Robots
Avatar for Honza Javorek honzajavorek
0
240
Groundhog Day: Seeking Process in Gaming for Health
Avatar for Sebastian Deterding codingconduct
0
200
Kristin Tynski - Automating Marketing Tasks With AI
Avatar for Tech SEO Connect techseoconnect
PRO
0
260
Build The Right Thing And Hit Your Dates
Avatar for Maggie C. maggiecrowley
39
3.2k
How to Think Like a Performance Engineer
Avatar for Harry Roberts csswizardry
28
2.6k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
Avatar for panda_program panda_program
122
22k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
Avatar for Irina Nazarova irinanazarova
9
1.4k

Transcript

  1. App::LDAP 管理者と百台のコンピュータ shelling Sunday, September 30, 12

  2. #!/me use qw(perl ruby javascript); use feature qw(css elisp); twitter

    “shellingford”; github “shelling”; cpan “shelling”; Sunday, September 30, 12

  3. Review Sunday, September 30, 12

  4. /etc/passwd /etc/shadow LDAP Server Sunday, September 30, 12

  5. network file system samba account netgroup network printers ... Sunday,

    September 30, 12

  6. new . Sunday, September 30, 12

  7. ldap-utils LDAP Server Sunday, September 30, 12

  8. LDIF#add ldapmodify -a -f dn: uid=jason8936,ou=people,dc=example,dc=com uid: jason8936 cn: jason8936

    sn: jason8936 mail: [email protected] objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: shadowAccount userPassword: {crypt}$6$Hk7MFO3..... shadowMax: 99999 shadowWarning: 7 loginShell: /bin/bash uidNumber: 1020 gidNumber: 1020 homeDirectory: /home/jason8936 Sunday, September 30, 12

  9. LDIF#modify ldapmodify -f dn: uid=jason8936,ou=people,dc=example,dc=com changetype: modify delete: mail mail:

    [email protected] - add: mail mail: [email protected] mail: [email protected] Sunday, September 30, 12

  10. LDIF#delete ldapmodify -f dn: uid=jason8936,ou=people,dc=example,dc=com changetype: delete Sunday, September 30,

    12

  11. Drawbacks • Time-Consumed • Not Quite Convenient • Not Abstract

    Enough Sunday, September 30, 12

  12. Demo https://vimeo.com/50077777 Sunday, September 30, 12

  13. Demo https://vimeo.com/50077777 Sunday, September 30, 12

  14. under the hood Sunday, September 30, 12

  15. MVC $ ldap add user foo Controller Model LDAP Server

    (CRUD)able Sunday, September 30, 12

  16. User Group Host Sudoer Controller & Dispatcher $ ldap add

    user foo Command Add Del Passwd Export User Group Host Sudoer App::LDAP:: use qw( Namespace::Dispatch MooseX::Getopt ); sub run { ... } foo Sunday, September 30, 12

  17. Model & Schema top posixAccount person organizationalPerson inetOrgPerson shadowAccount posixGroup

    ipHost LDIF::User LDIF::Group RFC2307 RFC2798 Sunday, September 30, 12

  18. just class package person; use Moose; extends ‘top’; has ...

    => ...; package organizationalPerson; use Moose; extends ‘person’; has ... => ...; Sunday, September 30, 12

  19. required => ? objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'an

    account with POSIX attributes' SUP top AUXILIARY MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ description ) ) 1 0 RFC2307 has cn => ( required => ); Sunday, September 30, 12

  20. isa => ? attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'An

    integer identifying a user' EQUALITY integerMatch SYNTAX ‘INTEGER’ SINGLE-VALUE ) attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX ‘IA5String’ ) ArrayRef[Str] Num Not SINGLE-VALUE RFC2307 Sunday, September 30, 12

  21. Ext#1 package App::LDAP::ObjectClass::Foo; use Moose; has ‘a_attribute’ => ( is

    => “rw”, isa => “...”, required => 1 or 0, ); ... Sunday, September 30, 12

  22. Ext#2 package App::LDAP::LDIF::Foo; use Moose; extends “App::LDAP::ObjectClass::Foo”; has ‘+a_attribute’ =>

    ( default => “...”, ); ... Sunday, September 30, 12

  23. Ext#3 package App::LDAP::Command::Foo; use Moose; with “App::LDAP::Role::Command”; sub run {

    my $self = @_; App::LDAP::LDIF::Foo->... } ... Sunday, September 30, 12

  24. NextStep#1 User->search( cn => “shelling ford”, mail => “[email protected]” );

    Sunday, September 30, 12

  25. NextStep#2 $user->modify( cn => “shelling ford”, mail => “[email protected]” );

    Sunday, September 30, 12

  26. NextStep#3 config(“/nss/passwd”); config(“/nss/group”); Sunday, September 30, 12

  27. UseCase#1 LDAP NFS orker /home/ Worker Worker Worker Work look

    up sudoers mount Sunday, September 30, 12

  28. UseCase#2 galera1 galera2 galera3 LDAP galera3’ look up hosts 10.1.193.205

    10.1.132.173 Sunday, September 30, 12

  29. Conclusions Not a replacement to ldap-utils Saving your time on

    routines help you to create correct LDIFs Sunday, September 30, 12

  30. Thank You http://github.com/shelling/app-ldap pull request & issues welcome Sunday, September

    30, 12