www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tony Stevenson <t...@pc-tony.com>
Subject Re: ASF LDAP Project Update
Date Mon, 11 May 2009 22:59:56 GMT
Also,

Before I forget,a big thanks to arreyder for his great help so far in  
working on merging the SVN & POSIX groups, amongst other stuff.

On 11 May 2009, at 23:56, Tony Stevenson wrote:

> Good evening,
>
> Good news! At last!
>
> LDAP is now up and running, with a tested synchronisation between EU  
> (harmonia) and US (eris).
> Thanks to pgollucci who has managed to update all the BSD boxes in  
> question to 7.2, and installed the latest OpenLDAP bits.
>
> So, now that we have this working, we are preparing to migrate all  
> user accounts into LDAP this week (date to be set tomorrow).
> We will be using pam_ldap and nss_ldap to control shell access on  
> mino, and this too has been tested.
>
> The plan going forward:
> =======================
>
> Step 1:  Import all user accounts from mino.  (During which time  
> shell access will be denied)
> Step 2:  Import all groups from mino.  This will likely be done the  
> week following, as it involved merging SVN and POSIX groups into  
> one.  This will need a little more testing before we flick the switch.
> Step 3:  Import all other user artifacts, where possible, into LDAP.  
> Things such as .forward files. SSH public keys etc.
> Step 4:  Deploy a user management portal, hopefully this will allow  
> us to let users self-sooth (self-manage) their account.
> Step 5:  Grab some beers.  Get drunk.  Forget everything.  :-)
>
>
> Other things that need doing
> ============================
>
> - Backup the database (daily?) so we can recover very easily if we  
> need too.
> - Update the account creation process to include LDAP.
>
>
>
> I hope to have this 100% wrapped up before the end of June this  
> year.  However, as always, if we hit a snag it'll get drawn out.
>
> There are currently no 'live' users in LDAP at the moment.  So you  
> dont need to worry about it just yet.
>
>
> Cheers,
> Tony
>
> --------------------------------------------
> Tony Stevenson
>
> tony@caret.cam.ac.uk  // ts457@cam.ac.uk
>
> 1024D/51047D66 ECAF DC55 C608 5E82 0B5E
> 3359 C9C7 924E 5104 7D66
> -------------------------------------------
>
>
>
>
>




Cheers,
Tony


--------------------------------------------
Tony Stevenson

tony@pc-tony.com - pctony@apache.org
pctony@freenode.net - tony@caret.cam.ac.uk

http://blog.pc-tony.com

1024D/51047D66 ECAF DC55 C608 5E82 0B5E
3359 C9C7 924E 5104 7D66
--------------------------------------------






Mime
View raw message