Upgrade to Pro — share decks privately, control downloads, hide ads and more …

App::LDAP - 管理者と百台のコンピュータ #YAPC::Asia 2012

Avatar for shelling shelling
September 30, 2012
Technology
2
560

App::LDAP - 管理者と百台のコンピュータ #YAPC::Asia 2012

Introduction to App::LDAP, YAPC::Asia 2012

Avatar for shelling

shelling

September 30, 2012
Tweet

More Decks by shelling

See All by shelling
Distributed Storage for Web Applications
Avatar for shelling shelling
3
740

Other Decks in Technology

See All in Technology
はじめてのOSS開発からみえたGo言語の強み
Avatar for shibutani shibukazu
3
990
Snowflake Intelligenceにはこうやって立ち向かう!クラシルが考えるAI Readyなデータ基盤と活用のためのDataOps
Avatar for harry gappy50
0
280
開発者を支える Internal Developer Portal のイマとコレカラ / To-day and To-morrow of Internal Developer Portals: Supporting Developers
Avatar for Kento Kimura aoto
PRO
1
480
未経験者・初心者に贈る!40分でわかるAndroidアプリ開発の今と大事なポイント
Avatar for operandoOS operando
6
750
20250912_RPALT_データを集める→とっ散らかる問題_Obsidian紹介
Avatar for Naoko Shinagawa ratsbane666
0
100
LLM時代のパフォーマンスチューニング:MongoDB運用で試したコンテキスト活用の工夫
Avatar for ishikawa-pro ishikawa_pro
0
170
新アイテムをどう使っていくか?みんなであーだこーだ言ってみよう / 20250911-rpi-jam-tokyo
Avatar for Akira Ouchi akkiesoft
0
340
5年目から始める Vue3 サイト改善 #frontendo
Avatar for Kihara, Takuya tacck
PRO
3
230
要件定義・デザインフェーズでもAIを活用して、コミュニケーションの密度を高める
Avatar for KazukiHayase kazukihayase
0
120
サラリーマンの小遣いで作るtoCサービス - Cloudflare Workersでスケールする開発戦略
Avatar for shinaps shinaps
2
470
AWSを利用する上で知っておきたい名前解決のはなし(10分版)
Avatar for nagisa_53 nagisa53
10
3.2k
AI時代を生き抜くエンジニアキャリアの築き方 (AI-Native 時代、エンジニアという道は 「最大の挑戦の場」となる) / Building an Engineering Career to Thrive in the Age of AI (In the AI-Native Era, the Path of Engineering Becomes the Ultimate Arena of Challenge)
Avatar for JaeSoon Jeong jeongjaesoon
0
250

Featured

See All Featured
Stop Working from a Prison Cell
Avatar for Chris Michel hatefulcrawdad
271
21k
Building a Modern Day 
E-commerce SEO Strategy
Avatar for Aleyda Solis aleyda
43
7.6k
Building Adaptive Systems
Avatar for Chris Keathley keathley
43
2.7k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
Avatar for Irina Nazarova irinanazarova
8
930
Build your cross-platform service in a week with App Engine
Avatar for Jose L jlugia
231
18k
Sharpening the Axe: The Primacy of Toolmaking
Avatar for Bryan Cantrill bcantrill
44
2.5k
JavaScript: Past, Present, and Future - NDC Porto 2020
Avatar for David Neal reverentgeek
52
5.6k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
Avatar for soudai sone soudai
PRO
188
55k
Documentation Writing (for coders)
Avatar for Carmen Chung carmenintech
74
5k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
173
14k
Designing Experiences People Love
Avatar for Jonathan Moore moore
142
24k
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
45
7.7k

Transcript

  1. App::LDAP 管理者と百台のコンピュータ shelling Sunday, September 30, 12

  2. #!/me use qw(perl ruby javascript); use feature qw(css elisp); twitter

    “shellingford”; github “shelling”; cpan “shelling”; Sunday, September 30, 12

  3. Review Sunday, September 30, 12

  4. /etc/passwd /etc/shadow LDAP Server Sunday, September 30, 12

  5. network file system samba account netgroup network printers ... Sunday,

    September 30, 12

  6. new . Sunday, September 30, 12

  7. ldap-utils LDAP Server Sunday, September 30, 12

  8. LDIF#add ldapmodify -a -f dn: uid=jason8936,ou=people,dc=example,dc=com uid: jason8936 cn: jason8936

    sn: jason8936 mail: [email protected] objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: shadowAccount userPassword: {crypt}$6$Hk7MFO3..... shadowMax: 99999 shadowWarning: 7 loginShell: /bin/bash uidNumber: 1020 gidNumber: 1020 homeDirectory: /home/jason8936 Sunday, September 30, 12

  9. LDIF#modify ldapmodify -f dn: uid=jason8936,ou=people,dc=example,dc=com changetype: modify delete: mail mail:

    [email protected] - add: mail mail: [email protected] mail: [email protected] Sunday, September 30, 12

  10. LDIF#delete ldapmodify -f dn: uid=jason8936,ou=people,dc=example,dc=com changetype: delete Sunday, September 30,

    12

  11. Drawbacks • Time-Consumed • Not Quite Convenient • Not Abstract

    Enough Sunday, September 30, 12

  12. Demo https://vimeo.com/50077777 Sunday, September 30, 12

  13. Demo https://vimeo.com/50077777 Sunday, September 30, 12

  14. under the hood Sunday, September 30, 12

  15. MVC $ ldap add user foo Controller Model LDAP Server

    (CRUD)able Sunday, September 30, 12

  16. User Group Host Sudoer Controller & Dispatcher $ ldap add

    user foo Command Add Del Passwd Export User Group Host Sudoer App::LDAP:: use qw( Namespace::Dispatch MooseX::Getopt ); sub run { ... } foo Sunday, September 30, 12

  17. Model & Schema top posixAccount person organizationalPerson inetOrgPerson shadowAccount posixGroup

    ipHost LDIF::User LDIF::Group RFC2307 RFC2798 Sunday, September 30, 12

  18. just class package person; use Moose; extends ‘top’; has ...

    => ...; package organizationalPerson; use Moose; extends ‘person’; has ... => ...; Sunday, September 30, 12

  19. required => ? objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'an

    account with POSIX attributes' SUP top AUXILIARY MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ description ) ) 1 0 RFC2307 has cn => ( required => ); Sunday, September 30, 12

  20. isa => ? attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'An

    integer identifying a user' EQUALITY integerMatch SYNTAX ‘INTEGER’ SINGLE-VALUE ) attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX ‘IA5String’ ) ArrayRef[Str] Num Not SINGLE-VALUE RFC2307 Sunday, September 30, 12

  21. Ext#1 package App::LDAP::ObjectClass::Foo; use Moose; has ‘a_attribute’ => ( is

    => “rw”, isa => “...”, required => 1 or 0, ); ... Sunday, September 30, 12

  22. Ext#2 package App::LDAP::LDIF::Foo; use Moose; extends “App::LDAP::ObjectClass::Foo”; has ‘+a_attribute’ =>

    ( default => “...”, ); ... Sunday, September 30, 12

  23. Ext#3 package App::LDAP::Command::Foo; use Moose; with “App::LDAP::Role::Command”; sub run {

    my $self = @_; App::LDAP::LDIF::Foo->... } ... Sunday, September 30, 12

  24. NextStep#1 User->search( cn => “shelling ford”, mail => “[email protected]” );

    Sunday, September 30, 12

  25. NextStep#2 $user->modify( cn => “shelling ford”, mail => “[email protected]” );

    Sunday, September 30, 12

  26. NextStep#3 config(“/nss/passwd”); config(“/nss/group”); Sunday, September 30, 12

  27. UseCase#1 LDAP NFS orker /home/ Worker Worker Worker Work look

    up sudoers mount Sunday, September 30, 12

  28. UseCase#2 galera1 galera2 galera3 LDAP galera3’ look up hosts 10.1.193.205

    10.1.132.173 Sunday, September 30, 12

  29. Conclusions Not a replacement to ldap-utils Saving your time on

    routines help you to create correct LDIFs Sunday, September 30, 12

  30. Thank You http://github.com/shelling/app-ldap pull request & issues welcome Sunday, September

    30, 12