Upgrade to Pro — share decks privately, control downloads, hide ads and more …

App::LDAP - 管理者と百台のコンピュータ #YAPC::Asia 2012

Avatar for shelling shelling
September 30, 2012
Technology
2
570

App::LDAP - 管理者と百台のコンピュータ #YAPC::Asia 2012

Introduction to App::LDAP, YAPC::Asia 2012

Avatar for shelling

shelling

September 30, 2012
Tweet

More Decks by shelling

See All by shelling
Distributed Storage for Web Applications
Avatar for shelling shelling
3
750

Other Decks in Technology

See All in Technology
隙間ツール開発のすすめ / PHP Conference Fukuoka 2025
Avatar for meihei meihei3
0
310
Master Dataグループ紹介資料
Avatar for Sansan, Inc. sansan33
PRO
1
3.9k
AWS IAM Identity Centerによる権限設定をグラフ構造で可視化+グラフRAGへの挑戦
Avatar for Yuta Kimi ykimi
2
710
エンジニア採用と 技術広報の取り組みと注力点/techpr1112
Avatar for Ichiro Nishiuma nishiuma
0
130
re:Invent完全攻略ガイド
Avatar for JunjiKoide junjikoide
1
260
今、MySQLのバックアップを作り直すとしたら何がどう良いのかを考える旅
Avatar for yoku0825 yoku0825
0
130
CDKの魔法を少し解いてみる ― synth・build・diffで覗くIaCの裏側 ―
Avatar for Nagai Takafumi takahumi27
1
110
コミュニティと共に変化する 私とFusicの8年間
Avatar for MasayaYoshino ayasamind
0
450
CloudFormationコンソールから、 実際に作られたリソースを辿れるようになろう!
Avatar for amixedcolor amixedcolor
1
140
探求の技術
Avatar for azukiazusa azukiazusa1
3
690
AI-ready"のための"データ基盤 〜 LLMOpsで事業貢献するための基盤づくり
Avatar for Izumu KUSUNOKI ismk
0
150
CodexでもAgent Skillsを使いたい
Avatar for Gota gotalab555
9
4.4k

Featured

See All Featured
Code Review Best Practice
Avatar for Trisha Gee trishagee
72
19k
How to train your dragon (web standard)
Avatar for Monica Dinculescu notwaldorf
97
6.4k
Optimizing for Happiness
Avatar for Tom Preston-Werner mojombo
379
70k
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.3k
Fight the Zombie Pattern Library - RWD Summit 2016
Avatar for Marcelo Somers marcelosomers
234
17k
Building an army of robots
Avatar for Kyle Neath kneath
306
46k
GraphQLの誤解/rethinking-graphql
Avatar for sonatard sonatard
73
11k
The Illustrated Children's Guide to Kubernetes
Avatar for Chris Short chrisshort
51
51k
StorybookのUI Testing Handbookを読んだ
Avatar for Shingo Yamazaki zakiyama
31
6.3k
Building a Modern Day 
E-commerce SEO Strategy
Avatar for Aleyda Solis aleyda
45
8k
We Have a Design System, Now What?
Avatar for Morgane Peng morganepeng
54
7.9k
Product Roadmaps are Hard
Avatar for C. Todd Lombardo iamctodd
PRO
55
12k

Transcript

  1. App::LDAP 管理者と百台のコンピュータ shelling Sunday, September 30, 12

  2. #!/me use qw(perl ruby javascript); use feature qw(css elisp); twitter

    “shellingford”; github “shelling”; cpan “shelling”; Sunday, September 30, 12

  3. Review Sunday, September 30, 12

  4. /etc/passwd /etc/shadow LDAP Server Sunday, September 30, 12

  5. network file system samba account netgroup network printers ... Sunday,

    September 30, 12

  6. new . Sunday, September 30, 12

  7. ldap-utils LDAP Server Sunday, September 30, 12

  8. LDIF#add ldapmodify -a -f dn: uid=jason8936,ou=people,dc=example,dc=com uid: jason8936 cn: jason8936

    sn: jason8936 mail: [email protected] objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: shadowAccount userPassword: {crypt}$6$Hk7MFO3..... shadowMax: 99999 shadowWarning: 7 loginShell: /bin/bash uidNumber: 1020 gidNumber: 1020 homeDirectory: /home/jason8936 Sunday, September 30, 12

  9. LDIF#modify ldapmodify -f dn: uid=jason8936,ou=people,dc=example,dc=com changetype: modify delete: mail mail:

    [email protected] - add: mail mail: [email protected] mail: [email protected] Sunday, September 30, 12

  10. LDIF#delete ldapmodify -f dn: uid=jason8936,ou=people,dc=example,dc=com changetype: delete Sunday, September 30,

    12

  11. Drawbacks • Time-Consumed • Not Quite Convenient • Not Abstract

    Enough Sunday, September 30, 12

  12. Demo https://vimeo.com/50077777 Sunday, September 30, 12

  13. Demo https://vimeo.com/50077777 Sunday, September 30, 12

  14. under the hood Sunday, September 30, 12

  15. MVC $ ldap add user foo Controller Model LDAP Server

    (CRUD)able Sunday, September 30, 12

  16. User Group Host Sudoer Controller & Dispatcher $ ldap add

    user foo Command Add Del Passwd Export User Group Host Sudoer App::LDAP:: use qw( Namespace::Dispatch MooseX::Getopt ); sub run { ... } foo Sunday, September 30, 12

  17. Model & Schema top posixAccount person organizationalPerson inetOrgPerson shadowAccount posixGroup

    ipHost LDIF::User LDIF::Group RFC2307 RFC2798 Sunday, September 30, 12

  18. just class package person; use Moose; extends ‘top’; has ...

    => ...; package organizationalPerson; use Moose; extends ‘person’; has ... => ...; Sunday, September 30, 12

  19. required => ? objectclass ( 1.3.6.1.1.1.2.0 NAME 'posixAccount' DESC 'an

    account with POSIX attributes' SUP top AUXILIARY MUST ( cn $ uid $ uidNumber $ gidNumber $ homeDirectory ) MAY ( userPassword $ loginShell $ gecos $ description ) ) 1 0 RFC2307 has cn => ( required => ); Sunday, September 30, 12

  20. isa => ? attributetype ( 1.3.6.1.1.1.1.0 NAME 'uidNumber' DESC 'An

    integer identifying a user' EQUALITY integerMatch SYNTAX ‘INTEGER’ SINGLE-VALUE ) attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX ‘IA5String’ ) ArrayRef[Str] Num Not SINGLE-VALUE RFC2307 Sunday, September 30, 12

  21. Ext#1 package App::LDAP::ObjectClass::Foo; use Moose; has ‘a_attribute’ => ( is

    => “rw”, isa => “...”, required => 1 or 0, ); ... Sunday, September 30, 12

  22. Ext#2 package App::LDAP::LDIF::Foo; use Moose; extends “App::LDAP::ObjectClass::Foo”; has ‘+a_attribute’ =>

    ( default => “...”, ); ... Sunday, September 30, 12

  23. Ext#3 package App::LDAP::Command::Foo; use Moose; with “App::LDAP::Role::Command”; sub run {

    my $self = @_; App::LDAP::LDIF::Foo->... } ... Sunday, September 30, 12

  24. NextStep#1 User->search( cn => “shelling ford”, mail => “[email protected]” );

    Sunday, September 30, 12

  25. NextStep#2 $user->modify( cn => “shelling ford”, mail => “[email protected]” );

    Sunday, September 30, 12

  26. NextStep#3 config(“/nss/passwd”); config(“/nss/group”); Sunday, September 30, 12

  27. UseCase#1 LDAP NFS orker /home/ Worker Worker Worker Work look

    up sudoers mount Sunday, September 30, 12

  28. UseCase#2 galera1 galera2 galera3 LDAP galera3’ look up hosts 10.1.193.205

    10.1.132.173 Sunday, September 30, 12

  29. Conclusions Not a replacement to ldap-utils Saving your time on

    routines help you to create correct LDIFs Sunday, September 30, 12

  30. Thank You http://github.com/shelling/app-ldap pull request & issues welcome Sunday, September

    30, 12