Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
App::LDAP - 管理者と百台のコンピュータ #YAPC::Asia 2012
Search
shelling
September 30, 2012
Technology
2
560
App::LDAP - 管理者と百台のコンピュータ #YAPC::Asia 2012
Introduction to App::LDAP, YAPC::Asia 2012
shelling
September 30, 2012
Tweet
Share
More Decks by shelling
See All by shelling
Distributed Storage for Web Applications
shelling
3
740
Other Decks in Technology
See All in Technology
Cloud WANの基礎から応用~少しだけDeep Dive~
masakiokuda
3
120
【OptimizationNight】数理最適化のラストワンマイルとしてのUIUX
brainpadpr
2
550
モノレポにおけるエラー管理 ~Runbook自動生成とチームメンションの最適化
biwashi
0
360
はじめての転職講座/The Guide of First Career Change
kwappa
5
4.4k
ロールが細分化された組織でSREと協働するインフラエンジニアは何をするか? / SRE Lounge #18
kossykinto
0
240
GCASアップデート(202506-202508)
techniczna
0
200
自治体職員がガバクラの AWS 閉域ネットワークを理解するのにやって良かった個人検証環境
takeda_h
0
310
JAWS-UG のイベントで使うハンズオンシナリオを Amazon Q Developer for CLI で作ってみた話
kazzpapa3
0
120
Infrastructure as Prompt実装記 〜Bedrock AgentCoreで作る自然言語インフラエージェント〜
yusukeshimizu
1
160
テストを実行してSorbetのsigを書こう!
sansantech
PRO
1
130
LLM 機能を支える Langfuse / ClickHouse のサーバレス化
yuu26
9
2.6k
AIが住民向けコンシェルジュに?Amazon Connectと生成AIで実現する自治体AIエージェント!
yuyeah
0
210
Featured
See All Featured
GitHub's CSS Performance
jonrohan
1031
460k
Building Flexible Design Systems
yeseniaperezcruz
328
39k
Documentation Writing (for coders)
carmenintech
73
5k
A better future with KSS
kneath
239
17k
The World Runs on Bad Software
bkeepers
PRO
70
11k
How to train your dragon (web standard)
notwaldorf
96
6.2k
RailsConf 2023
tenderlove
30
1.2k
Build your cross-platform service in a week with App Engine
jlugia
231
18k
Producing Creativity
orderedlist
PRO
347
40k
Become a Pro
speakerdeck
PRO
29
5.5k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
283
13k
Making the Leap to Tech Lead
cromwellryan
134
9.5k
Transcript
App::LDAP 管理者と百台のコンピュータ shelling Sunday, September 30, 12
#!/me use qw(perl ruby javascript); use feature qw(css elisp); twitter
“shellingford”; github “shelling”; cpan “shelling”; Sunday, September 30, 12
Review Sunday, September 30, 12
/etc/passwd /etc/shadow LDAP Server Sunday, September 30, 12
network file system samba account netgroup network printers ... Sunday,
September 30, 12
new . Sunday, September 30, 12
ldap-utils LDAP Server Sunday, September 30, 12
LDIF#add ldapmodify -a -f dn: uid=jason8936,ou=people,dc=example,dc=com uid: jason8936 cn: jason8936
sn: jason8936 mail:
[email protected]
objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: shadowAccount userPassword: {crypt}$6$Hk7MFO3..... shadowMax: 99999 shadowWarning: 7 loginShell: /bin/bash uidNumber: 1020 gidNumber: 1020 homeDirectory: /home/jason8936 Sunday, September 30, 12
LDIF#modify ldapmodify -f dn: uid=jason8936,ou=people,dc=example,dc=com changetype: modify delete: mail mail:
[email protected]
- add: mail mail:
[email protected]
mail:
[email protected]
Sunday, September 30, 12
LDIF#delete ldapmodify -f dn: uid=jason8936,ou=people,dc=example,dc=com changetype: delete Sunday, September 30,
12
Drawbacks • Time-Consumed • Not Quite Convenient • Not Abstract
Enough Sunday, September 30, 12
Demo https://vimeo.com/50077777 Sunday, September 30, 12
Demo https://vimeo.com/50077777 Sunday, September 30, 12
under the hood Sunday, September 30, 12
MVC $ ldap add user foo Controller Model LDAP Server
(CRUD)able Sunday, September 30, 12
User Group Host Sudoer Controller & Dispatcher $ ldap add
user foo Command Add Del Passwd Export User Group Host Sudoer App::LDAP:: use qw( Namespace::Dispatch MooseX::Getopt ); sub run { ... } foo Sunday, September 30, 12
Model & Schema top posixAccount person organizationalPerson inetOrgPerson shadowAccount posixGroup
ipHost LDIF::User LDIF::Group RFC2307 RFC2798 Sunday, September 30, 12
just class package person; use Moose; extends ‘top’; has ...
=> ...; package organizationalPerson; use Moose; extends ‘person’; has ... => ...; Sunday, September 30, 12
required => ? objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'an
account with POSIX attributes' SUP top AUXILIARY MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ description ) ) 1 0 RFC2307 has cn => ( required => ); Sunday, September 30, 12
isa => ? attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'An
integer identifying a user' EQUALITY integerMatch SYNTAX ‘INTEGER’ SINGLE-VALUE ) attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX ‘IA5String’ ) ArrayRef[Str] Num Not SINGLE-VALUE RFC2307 Sunday, September 30, 12
Ext#1 package App::LDAP::ObjectClass::Foo; use Moose; has ‘a_attribute’ => ( is
=> “rw”, isa => “...”, required => 1 or 0, ); ... Sunday, September 30, 12
Ext#2 package App::LDAP::LDIF::Foo; use Moose; extends “App::LDAP::ObjectClass::Foo”; has ‘+a_attribute’ =>
( default => “...”, ); ... Sunday, September 30, 12
Ext#3 package App::LDAP::Command::Foo; use Moose; with “App::LDAP::Role::Command”; sub run {
my $self = @_; App::LDAP::LDIF::Foo->... } ... Sunday, September 30, 12
NextStep#1 User->search( cn => “shelling ford”, mail => “
[email protected]
” );
Sunday, September 30, 12
NextStep#2 $user->modify( cn => “shelling ford”, mail => “
[email protected]
” );
Sunday, September 30, 12
NextStep#3 config(“/nss/passwd”); config(“/nss/group”); Sunday, September 30, 12
UseCase#1 LDAP NFS orker /home/ Worker Worker Worker Work look
up sudoers mount Sunday, September 30, 12
UseCase#2 galera1 galera2 galera3 LDAP galera3’ look up hosts 10.1.193.205
10.1.132.173 Sunday, September 30, 12
Conclusions Not a replacement to ldap-utils Saving your time on
routines help you to create correct LDIFs Sunday, September 30, 12
Thank You http://github.com/shelling/app-ldap pull request & issues welcome Sunday, September
30, 12