Presentation is loading. Please wait.

Presentation is loading. Please wait.

1/11/2000LDAP Status Report - HEPix - JLab 2000 LDAP Status Report Michel Jouvin LAL / IN2P3

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1/11/2000LDAP Status Report - HEPix - JLab 2000 LDAP Status Report Michel Jouvin LAL / IN2P3"— Presentation transcript:

1 1/11/2000LDAP Status Report - HEPix - JLab 2000 LDAP Status Report Michel Jouvin LAL / IN2P3 jouvin@lal.in2p3.fr

2 1/11/2000LDAP Status Report - HEPix - JLab 2000 Outlines LDAP coordination group goals LDAP different usage LDAP general and HEP specific issues LDAP coordination future

3 1/11/2000LDAP Status Report - HEPix - JLab 2000 LDAP Coordination Group Unofficial group formed at Zeuten –Arnaud Taddei and me as leaders Goals –LDAP white pages deployment coordination –Capitalize on IN2P3 / CERN experience A lot of work has been done but : –Arnaud left CERN in September –Hélène Jamet (IN2P3) is leaving IN2P3

4 1/11/2000LDAP Status Report - HEPix - JLab 2000 LDAP Is Everywhere... White Pages service –LDAP has emerged as the technology of choice –All email clients LDAP capable Windows 2000 : AD is based on LDAP –Resources management relies on ActiveDirectory

5 1/11/2000LDAP Status Report - HEPix - JLab 2000 … LDAP Is Everywhere Public Key Infrastructure (PKI) –Required by all the certificate/public key based security protocols –LDAP is a strong candidate for certificate distribution GRID uses LDAP as a core technology –Security relies on certificates –Metadirectory used for resources location

6 1/11/2000LDAP Status Report - HEPix - JLab 2000 What is LDAP ? An access protocol –Originally designed for X500 access –2 "incompatible" versions V2 : first production version. Most used V3 : all servers now v3 but not all clients Several server infrastructures possible –Standalone / Distributed –Proprietary / Standard (X500)

7 1/11/2000LDAP Status Report - HEPix - JLab 2000 Issues with Standalone LDAP No chaining, referrals only in v3 –Popular mail clients like Pine or Netscape < 4.7 are v2 –Knowledge about servers inside the v2 client : difficult to maintain when infrastructure changes Strong authentication not available –Can be overcome by SSL No shadowing protocol –Proprietary solutions (incompatible)

8 1/11/2000LDAP Status Report - HEPix - JLab 2000 HEP Specific issues… HEP is a "virtual" organization –International –No central control –Every organization/lab has national and/or non HEP constraints Naming constraints No common root for HEP information tree Non HEP groups requirements

9 1/11/2000LDAP Status Report - HEPix - JLab 2000 … HEP Specific issues Windows 2000 –Goal (still) unclear : do we need a unified W2000 infrastructure (forest ?) ? –Do we need to unify with non W2000 use ? PKI –Still advanced project for HEP –CERN is quite active (Denise) –Interference between GRID and local projects

10 1/11/2000LDAP Status Report - HEPix - JLab 2000 HEP Wide White Pages –Goal : create a "virtual" HEP root –Proposal : create 1 HEP tree per country Contains aliases to real sites (CERN, IN2P3, …) Still problems with alias derefencing for some clients (ex: Netscape) This tree could be an international org but who will maintain it ? Tested but who is using it ? –Not specific to white pages Should be possible to extend to every part of the DIT requiring an HEP wide viewing

11 1/11/2000LDAP Status Report - HEPix - JLab 2000 LDAP Coordination Future HEP CCC / HTASC still advocating the need for an LDAP meeting –Originally planned during this meeting Project : have an LDAP meeting in March –Discuss all LDAP issues, particularly GRID Questions remaining –Who is interested ? US interest ? –Should we co-locate with another meeting Grid ? Hepix ?

Download ppt "1/11/2000LDAP Status Report - HEPix - JLab 2000 LDAP Status Report Michel Jouvin LAL / IN2P3"

Similar presentations

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
HEPiX Meeting Wrap Up Fall 2000 JLab. Meeting Highlights Monitoring –Several projects underway –Collaboration of ideas occurred –Communication earlier.

HEPiX Meeting Wrap Up Fall 2000 JLab. Meeting Highlights Monitoring –Several projects underway –Collaboration of ideas occurred –Communication earlier.
Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.
LAL Site Report Michel Jouvin LAL / IN2P3

LAL Site Report Michel Jouvin LAL / IN2P3
Password? CLASP Project Update C5 Meeting, 16 June 2000 Denise Heagerty, IT/IS.

Password? CLASP Project Update C5 Meeting, 16 June 2000 Denise Heagerty, IT/IS.
Password?. Project CLASP: Common Login and Access rights across Services Plan

Password?. Project CLASP: Common Login and Access rights across Services Plan
PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.
Password?. Project CLASP: Common Login and Access rights across Services Plan

Password?. Project CLASP: Common Login and Access rights across Services Plan
8.

8.
Active Directory: Final Solution to Enterprise System Integration

Active Directory: Final Solution to Enterprise System Integration
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Password? CLASP Phase 2: Revised Proposal C5 Meeting, 16 February 2001 Denise Heagerty, IT/IS.

Password? CLASP Phase 2: Revised Proposal C5 Meeting, 16 February 2001 Denise Heagerty, IT/IS.
INFN Grid Information Services G. Lo Biondo INFN Milano (presented by F. Prelz)

INFN Grid Information Services G. Lo Biondo INFN Milano (presented by F. Prelz)
Understanding Active Directory

Understanding Active Directory
1 30 September 1999 Concepts A directory is a hierarchical, searchable database for relatively stable data - Information about users and other global entities.

1 30 September 1999 Concepts A directory is a hierarchical, searchable database for relatively stable data - Information about users and other global entities.
WSU A Symphony in Four Movements. A Century of Controlled Flight.

WSU A Symphony in Four Movements. A Century of Controlled Flight.
HEPIX - October 1999 IN2P3 LDAP Services Jamet Hélène IN2P3 Computing Center (LYON)

HEPIX - October 1999 IN2P3 LDAP Services Jamet Hélène IN2P3 Computing Center (LYON)
INFN experience with Globus GIS A. Cavalli - F. Semeria INFN Grid Information Services workshop CERN, 28-29 March 2001.

INFN experience with Globus GIS A. Cavalli - F. Semeria INFN Grid Information Services workshop CERN, March 2001.
S/MIME Email and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.

S/MIME and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.

Similar presentations

Ads by Google