Presentation is loading. Please wait.

Presentation is loading. Please wait.

Web-Based NT Administration Via Perl George Kuetemeyer Thomas Jefferson University Hospital.

Similar presentations


Presentation on theme: "Web-Based NT Administration Via Perl George Kuetemeyer Thomas Jefferson University Hospital."— Presentation transcript:

1 Web-Based NT Administration Via Perl George Kuetemeyer Thomas Jefferson University Hospital

2 TJU/H Mission l Patient care l Education l Research

3 TJU/H Demographics l 9,000 faculty/staff l 3,500 students

4 TJU/H IT Infrastructure l ATM network l 5,000 PCs, Macs l IBM mainframe l Tandem mainframe l Unix/Linux servers l NT servers l NetWare servers

5 Application Infrastructure l Mail*Hub mail switch/X.500 directory u Authentication u Role data l HP OpenMail (4,500 faculty/staff) l CS&T OpenTime (2,100 clients) l PeopleSoft l IDX/Last Word

6 The Problem l Migration from NetWare to NT l NT admin tool issues l NT security model issues l Support staff training issues l Competing business models l Generalized fear and loathing

7 NT Admin Tool Issues l GUI Interface not ideal for batch updates l Command line control limited l Batch file scripting limited l Scripting host proprietary l Platform-limited remote control capabilities

8 NT Security Model Issues l Not very granular (as exposed by the GUI tools) l Not hierarchical (like NetWare 4.XX) l No obvious link to our X.500 directory l Didnt fit our IT support roles

9 Support Staff Training Issues l GUI tools unfocused l Command line approach not user friendly

10 Competing Business Models l Microsofts take on security different than ours l Monolithic technology vs. diverse technologies l Proprietary vs. open solutions l Commercial vs. non-profit environments

11 Fear and Loathing l Microsoft replaces our favorite technologies l Microsoft replaces us l The Dark Side Syndrome

12 General Problem Vendors Reality

13 General Problem Vendors RealityOur Reality

14 General Solution Vendors RealityOur RealityFilter

15 General Solution Vendors RealityOur RealityFilter

16 General Solution Vendors RealityOur RealityFilter

17 The Solution - Perl l Powerful l Cross platform l Easy entrée to NT internals l Roll our own admin tools l Make them networkable l Tie in our legacy systems

18 Phase 1 - Local Administration l Standardize on Perl l Start by back-ticking various command line functions l Replace with Perl/NT admin API packages as they become available

19 Useful NT Admin Packages l Win32::NetAdmin.pm l Win32API::Net.pm l Win32::AdminMisc.pm l Win32::DomainAdmin.pm l Win32::FileSecurity.pm

20 Phase 2 - Remote Administration l IO::Socket-based client l inetd from Pragma Systems u Useful companion for pre-fork NT Perl u Also provides telnet daemon l Perl-based request server called by inetd l Server interfaces with modular methods package l System can work with command line or web delivery mechanisms

21 User InterfaceCGI Processing Client ProcessServer Process Authentication Perl NT Methods X.500 Directory Web Admin Overview Authentication NT Environment

22 User InterfaceCGI Processing Client ProcessServer Process Authentication Perl NT Methods X.500 Directory Platform Overview Authentication NT Environment NT HP/UX Linux/Apache

23 NT Admin Walkthru l Authentication

24 NT Admin Walkthru l X.500 Name/Password

25 NT Admin Walkthru l Main Menu

26 NT Admin Walkthru l Create Client Object Use K_Client; my $client = K_Client->new(host => pdc.jeff.com, port => 2000, sender => $param{sender}, pwd => $param{pwd}, key_file => /usr/local/keys/nt.txt, );

27 NT Admin Walkthru l Send Request $client->build_request(method => get_user_list, server =>, ); my $ok = $client->send_receive(); my $err = $client->get_errorcode(0); = $client->get_result(0); my $msg = $client->get_msg(0); return

28 NT Admin Walkthru l Server Object use K_Server; use K_Methods::NT_Admin; use X500_Auth; my $hosts = { => 1, pdc.jeff.edu => 1 }; my $methods = K_Methods::NT_Admin->new(); my $server = K_Server->new(methods_obj => $admin, auth_sub => \&X500_Auth::auth_client, work_dir => 'd:/ntadmsrv, server_name => 'K_Server', log_file => d:/logs/k_admin.log', key_file => d:/keys/nt.txt', event_log => 1, ok_hosts => $hosts, ); $server->handle_request();

29 NT Admin Walkthru l Methods data structure $self->{methods} = { get_user_list => { method => sub { }, params => [ server ], role => $ops, event_id => 15, false_msg => sub { my %p return "Failed to get user list." }, true_msg => sub { my %p return "Got user list." }, },.

30 NT Admin Walkthru l Methods role attribute $self->{roles} = { super_acct => 3, acct => 2, ops => 1, all => 0, };

31 NT Admin Walkthru l Core subroutine # generate list of users sub get_user_list { my $self = shift; my %params my return }

32 NT Admin Walkthru l Create Account

33 NT Admin Walkthru l Create Account

34 NT Admin Walkthru l Create Account $client->build_request(method => create_user, server =>, user => $param{user}, type => user, abort => 1, ); $client->build_request(method => set_user_pwd, server =>, user => $param{user}, pwd => tmp_pass, ); $ok = = $client->get_msgs(); return

35 NT Admin Walkthru l Create Account

36 NT Admin Walkthru l Main Menu

37 NT Admin Walkthru l Change Account

38 NT Admin Walkthru l Get Account Info $client->build_request(method => get_user_attrs, server => params{server}, user => params{user}); $client->build_request(method => get_user_global_groups, server => params{server}, user => params{user}); $client->build_request(method => get_global_groups, server => params{server}); $ok = = $client->get_msgs(); %attrs = = = $client->get_result(2); return

39 NT Admin Walkthru l Account Info

40 NT Admin Walkthru l Back end logging

41 Project Results l Our security policies enforced l NT becomes part of larger IT infrastructure l IT staff supports NT with minimal training l Change effectively managed (Win2K) l Innovation modulated by our business realities

42 NT Admin Futures l Replace inetd with Perl fork l Recode admin methods to support LDAP/Active Directory l Spend more time on web client interface


Download ppt "Web-Based NT Administration Via Perl George Kuetemeyer Thomas Jefferson University Hospital."

Similar presentations


Ads by Google