Abstract image of a woman sitting on books and studying on a laptop

Afs manager

M
Manfred Furuholmen

This document discusses identity management solutions for AFS including AFS Manager and PtServer NG. AFS Manager is a graphical user interface for administering AFS that allows monitoring and provisioning users, groups and volumes. PtServer NG allows integrating AFS identity management with external user directories like Active Directory using Winbind for authentication and ID mapping. It aims to provide a pluggable user storage and flexible user and group mapping. The document demonstrates these tools and discusses open points around licensing, performance and storage options.

Technology
1 of 22
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
BeoLink.org AFS Identity Management Fabrizio Manfredi Furuholmen AFS Workshop October 2008
Agenda BeoLink.org   Introduction   AFS Manager   Introduction   Features   Demo   Next Steps   PtServer-NG   Introduction   Architecture   Demo   Open Points
PtServer BeoLink.org Introduction Centrally administration “means” security and time/resource savings
PtServer BeoLink.org Introduction Accounts Centralization • Enterprise Directory • Change Application • High Availability Centralized Provisioning • Connectors for applications • Product • Identity Management
PtServer BeoLink.org Introduction Distributed Centralized • You don’t need change apps • Real-time • Low problem on HA • Consistency View • IDM with RBAC • Reuse existing Architecture
PtServer BeoLink.org Introduction AFS Manager • Graphical User Interface • Provisioning Interface ( multi mode) • Administration Task PtServer NG • Active Directory Integration • Directory Integration
BeoLink.org AFS Manager
AFS Manager BeoLink.org Goals GUI • Interface for Windows Administrators • Simple to use • Complete overview of the Cell • Standard object for php scripting (CLI) Monitoring • Volume Access Monitoring • Volume Space Usage • System Statistics WebService Interface • Provisioning Interface for Volume, User, Group • Automatic volume layout • Re-Balance (replications, move volumes ..)
AFS Manager BeoLink.org Demo Demo …
AFS Manager BeoLink.org Architecture Client • AJAX • Acrobat APACHE + PHP • XML • JSON • PHP >= 5 • SQL Lite AFS • Adm Command Line
AFS Manager BeoLink.org Next Code • Java backend ? • PHP Library • Object Cache WebService Interface • Automatic volume layout • Re-Balance (replications, move volumes ..)
BeoLink.org End of part 1
BeoLink.org Ptserver NG
PtServer BeoLink.org Overview Ptserver keeps user/group information • Ptserver contains entries for every user and group in the cell • Ptserver allocates AFS IDs for new user, machine and group entries and maps each ID to the corresponding name. • Ptserver generates a current protection subgroup (CPS) at the File Server's request. The CPS lists all groups to which a user or machine belongs Ubik is the openAFS database • Ubik is a single linear database • Ubik is automatically replicated across a number of servers. • Ubik is a ‘transactional’ database (supports fully distributed changes as long as a majority of the servers are up and are synchronized together in a write quorum)
PtServer BeoLink.org Goals Create Pluggable user storage • Ubik • Ldap • Windows Create flexible user mapping • Mapping user id on existing system • Mapping group id on existing system
PtServer BeoLink.org Winbind Winbind unifies UNIX and Windows NT account management by allowing a UNIX box to become a full member of an NT domain Authentication • NTLM • ADS (Kerberos) Users Information • Account info • ID mapping Groups Information • Group info • ID Mapping
PtServer BeoLink.org Architecture Ptserver • Network Layer • AD Driver Windbind • Cache • IDMAP Engine IDMAP Storage • Ldap • ADS • File Domain Controller • Samba • WinNT/Win2*
Overview BeoLink.org Demo Demo … high probability of crash ..
PtServer BeoLink.org Advantages • Single identity (single storage) • id mapping • gid mapping • Real time update • Pluggable in existing infrastructure Disvantages • Reliability • Performance
PtServer BeoLink.org Open points .. Licences • Load GPL 3 library, compatibility ? Performance • How many request per second ? Where to Store .. • Flags • Quota Group
BeoLink.org Reference • For Further Questions: • Fabrizio Manfredi • fabrizio.manfredi@gmail.com manfred.furuholmen@gmail.com • http://www.beolink.org Too Long The End
AD as IDM BeoLink.org IdMapping IDMAP SID<->UID/GID • LDAP • Internal (TDB) • ADS (SFU/RFC)

More Related Content

PPTX
Beyond the Basics 4 MongoDB Security and Authentication
MongoDB
 
PPTX
Сергей Радзыняк ".NET Microservices in Real Life"
Fwdays
 
PPTX
Alfresco cmis
Yiannis Koutros
 
PPTX
Redis for Data Science and Engineering by Dmitry Polyakovsky of Oracle
Redis Labs
 
PPSX
MongoDB seminar
mahdi dousti
 
PPT
Node and Azure
Jason Gerard
 
PPT
Zarafa SummerCamp 2012 - Steve Hardy Friday Keynote
Zarafa
 
PDF
Monitor Micro-service with MicroProfile metrics
Rudy De Busscher
 
Beyond the Basics 4 MongoDB Security and Authentication
MongoDB
 
Сергей Радзыняк ".NET Microservices in Real Life"
Fwdays
 
Alfresco cmis
Yiannis Koutros
 
Redis for Data Science and Engineering by Dmitry Polyakovsky of Oracle
Redis Labs
 
MongoDB seminar
mahdi dousti
 
Node and Azure
Jason Gerard
 
Zarafa SummerCamp 2012 - Steve Hardy Friday Keynote
Zarafa
 
Monitor Micro-service with MicroProfile metrics
Rudy De Busscher
 

What's hot (20)

PPTX
Beyond the Basics 4: How to secure your MongoDB database
MongoDB
 
PPTX
Continuous Deployment into the Unknown with Artifactory, Bintray, Docker and ...
Gilad Garon
 
PPT
Zarafa SummerCamp 2012 - Exchange Web Services, technical information
Zarafa
 
PPTX
Anatomy of a Redis Command by Madelyn Olson of Amazon Web Services - Redis Da...
Redis Labs
 
PPTX
ServerTemplates - The Next Generation
RightScale
 
PPTX
Moving Beyond Cache by Yiftach Shoolman Redis Labs - Redis Day Seattle 2020
Redis Labs
 
PDF
Radical Innovations In Storage for Multi-Tenant Infrastructure
NetApp
 
PPTX
Евгений Напрягло ".NET Framework Hosting API Overview"
Fwdays
 
PDF
Chicago Microservices Integration Talk
Christian Posta
 
PDF
OpenStack Block Storage 101
NetApp
 
PPTX
Evolution of the IBM Cloud Console: From Monolith to Microservices and Beyond
Tony Erwin
 
PPTX
High performance java ee with j cache and cdi
Payara
 
PPTX
Денис Резник "Зачем мне знать SQL и Базы Данных, ведь у меня есть ORM?"
Fwdays
 
PDF
Flex alfresco
mausamviki4all
 
PPTX
A (XPages) developers guide to Cloudant - MeetIT
Frank van der Linden
 
ODP
Nagios Conference 2011 - Nicholas Scott - Nagios Performance Tuning
Nagios
 
PDF
Orchestrating MySQL
Ivan Zoratti
 
PPT
Messaging For the Cloud and Microservices
Rob Davies
 
PDF
MongodB Internals
Norberto Leite
 
PPTX
Nagios XI Best Practices
Nagios
 
Beyond the Basics 4: How to secure your MongoDB database
MongoDB
 
Continuous Deployment into the Unknown with Artifactory, Bintray, Docker and ...
Gilad Garon
 
Zarafa SummerCamp 2012 - Exchange Web Services, technical information
Zarafa
 
Anatomy of a Redis Command by Madelyn Olson of Amazon Web Services - Redis Da...
Redis Labs
 
ServerTemplates - The Next Generation
RightScale
 
Moving Beyond Cache by Yiftach Shoolman Redis Labs - Redis Day Seattle 2020
Redis Labs
 
Radical Innovations In Storage for Multi-Tenant Infrastructure
NetApp
 
Евгений Напрягло ".NET Framework Hosting API Overview"
Fwdays
 
Chicago Microservices Integration Talk
Christian Posta
 
OpenStack Block Storage 101
NetApp
 
Evolution of the IBM Cloud Console: From Monolith to Microservices and Beyond
Tony Erwin
 
High performance java ee with j cache and cdi
Payara
 
Денис Резник "Зачем мне знать SQL и Базы Данных, ведь у меня есть ORM?"
Fwdays
 
Flex alfresco
mausamviki4all
 
A (XPages) developers guide to Cloudant - MeetIT
Frank van der Linden
 
Nagios Conference 2011 - Nicholas Scott - Nagios Performance Tuning
Nagios
 
Orchestrating MySQL
Ivan Zoratti
 
Messaging For the Cloud and Microservices
Rob Davies
 
MongodB Internals
Norberto Leite
 
Nagios XI Best Practices
Nagios
 
Ad

Viewers also liked (7)

PDF
Samba as a gateway to OpenAFS
Manfred Furuholmen
 
PPTX
Restfs internals
Manfred Furuholmen
 
PPTX
Restfs
Manfred Furuholmen
 
PPTX
Pisa
Manfred Furuholmen
 
PDF
Introduction to message_queue
Manfred Furuholmen
 
PDF
Winbind as Identity Management Connector
Manfred Furuholmen
 
PDF
Samba4 Introduction
Manfred Furuholmen
 
Samba as a gateway to OpenAFS
Manfred Furuholmen
 
Restfs internals
Manfred Furuholmen
 
Restfs
Manfred Furuholmen
 
Pisa
Manfred Furuholmen
 
Introduction to message_queue
Manfred Furuholmen
 
Winbind as Identity Management Connector
Manfred Furuholmen
 
Samba4 Introduction
Manfred Furuholmen
 
Ad

Similar to Afs manager (20)

PPTX
AFS introduction
Manfred Furuholmen
 
PDF
Inexpensive storage
Manfred Furuholmen
 
PDF
AFS case study
Manfred Furuholmen
 
PPTX
Samba management Console
Manfred Furuholmen
 
DOC
Lesson 4 intro to advanced o perating systems
Jo Ko
 
PDF
Moeller bosc2010 debian_taverna
BOSC 2010
 
PDF
Linux Servers
Ranjith Siji
 
PDF
SDEC2011 Going by TACC
Korea Sdec
 
PDF
Domestic cloud
Manfred Furuholmen
 
PDF
Resume
yadavprem
 
PDF
Getting Memcached Secure
Kohei KaiGai
 
PDF
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...
Novell
 
PDF
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...
Novell
 
PDF
Slides from 2010 Linux Day
Novell
 
PDF
CoSolvent Community Server : Amazon Web Services Hosting ...
webhostingguy
 
PDF
Building Toward an Open and Extensible Autonomous Computing Platform Utilizi...
Phil Cryer
 
PDF
The 25 Most Promising Open Source Projects
af83
 
PDF
381 Pdfsam
Emanuel Mateus
 
PDF
381 Rac
Emanuel Mateus
 
PPTX
Azure Services Platform
David Chou
 
AFS introduction
Manfred Furuholmen
 
Inexpensive storage
Manfred Furuholmen
 
AFS case study
Manfred Furuholmen
 
Samba management Console
Manfred Furuholmen
 
Lesson 4 intro to advanced o perating systems
Jo Ko
 
Moeller bosc2010 debian_taverna
BOSC 2010
 
Linux Servers
Ranjith Siji
 
SDEC2011 Going by TACC
Korea Sdec
 
Domestic cloud
Manfred Furuholmen
 
Resume
yadavprem
 
Getting Memcached Secure
Kohei KaiGai
 
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...
Novell
 
NSS File System Performance, Clustering and Auditing in Novell Open Enterpris...
Novell
 
Slides from 2010 Linux Day
Novell
 
CoSolvent Community Server : Amazon Web Services Hosting ...
webhostingguy
 
Building Toward an Open and Extensible Autonomous Computing Platform Utilizi...
Phil Cryer
 
The 25 Most Promising Open Source Projects
af83
 
381 Pdfsam
Emanuel Mateus
 
381 Rac
Emanuel Mateus
 
Azure Services Platform
David Chou
 

More from Manfred Furuholmen (8)

PPTX
Use Distributed Filesystem as a Storage Tier
Manfred Furuholmen
 
PDF
Managing OpenAFS users with OpenIDM
Manfred Furuholmen
 
PPT
Pt server ng
Manfred Furuholmen
 
PDF
Best Practices to create High Load Websites
Manfred Furuholmen
 
PPTX
Be lazy... make automation
Manfred Furuholmen
 
PDF
Disaster recovery
Manfred Furuholmen
 
PDF
Link Samba to Cloud Storage
Manfred Furuholmen
 
PDF
Samba distributed env
Manfred Furuholmen
 
Use Distributed Filesystem as a Storage Tier
Manfred Furuholmen
 
Managing OpenAFS users with OpenIDM
Manfred Furuholmen
 
Pt server ng
Manfred Furuholmen
 
Best Practices to create High Load Websites
Manfred Furuholmen
 
Be lazy... make automation
Manfred Furuholmen
 
Disaster recovery
Manfred Furuholmen
 
Link Samba to Cloud Storage
Manfred Furuholmen
 
Samba distributed env
Manfred Furuholmen
 

Recently uploaded (20)

PPTX
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
PPT
What is a Computer? Input Devices /output devices
GulJan8
 
PPTX
Modernising the Digital Integration Hub
Daniel Toomey
 
PDF
DASA ADMISSION 2024_FirstRound_FirstRank_LastRank.pdf
rameswartudu05
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PPTX
The various Industrial Revolutions .pptx
bandileshozi3
 
PPTX
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
PDF
Hybrid model detection and classification of lung cancer
IAESIJAI
 
PPTX
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
SilvioHayashi
 
PDF
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PDF
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
PDF
Five Habits of High-Impact Board Members
OnBoard
 
PDF
Hybrid horned lizard optimization algorithm-aquila optimizer for DC motor
IAESIJAI
 
PDF
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
PDF
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
PDF
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
PPTX
Benefits of Physical activity for teenagers.pptx
Nokwanda Thabethe
 
PPT
Geologic Time for studying geology for geologist
ssuser738f5a
 
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
What is a Computer? Input Devices /output devices
GulJan8
 
Modernising the Digital Integration Hub
Daniel Toomey
 
DASA ADMISSION 2024_FirstRound_FirstRank_LastRank.pdf
rameswartudu05
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
The various Industrial Revolutions .pptx
bandileshozi3
 
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
Hybrid model detection and classification of lung cancer
IAESIJAI
 
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
SilvioHayashi
 
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
Five Habits of High-Impact Board Members
OnBoard
 
Hybrid horned lizard optimization algorithm-aquila optimizer for DC motor
IAESIJAI
 
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
Benefits of Physical activity for teenagers.pptx
Nokwanda Thabethe
 
Geologic Time for studying geology for geologist
ssuser738f5a
 

Afs manager

  • 1. BeoLink.org AFS Identity Management Fabrizio Manfredi Furuholmen AFS Workshop October 2008
  • 2. Agenda BeoLink.org   Introduction   AFS Manager   Introduction   Features   Demo   Next Steps   PtServer-NG   Introduction   Architecture   Demo   Open Points
  • 3. PtServer BeoLink.org Introduction Centrally administration “means” security and time/resource savings
  • 4. PtServer BeoLink.org Introduction Accounts Centralization • Enterprise Directory • Change Application • High Availability Centralized Provisioning • Connectors for applications • Product • Identity Management
  • 5. PtServer BeoLink.org Introduction Distributed Centralized • You don’t need change apps • Real-time • Low problem on HA • Consistency View • IDM with RBAC • Reuse existing Architecture
  • 6. PtServer BeoLink.org Introduction AFS Manager • Graphical User Interface • Provisioning Interface ( multi mode) • Administration Task PtServer NG • Active Directory Integration • Directory Integration
  • 8. AFS Manager BeoLink.org Goals GUI • Interface for Windows Administrators • Simple to use • Complete overview of the Cell • Standard object for php scripting (CLI) Monitoring • Volume Access Monitoring • Volume Space Usage • System Statistics WebService Interface • Provisioning Interface for Volume, User, Group • Automatic volume layout • Re-Balance (replications, move volumes ..)
  • 9. AFS Manager BeoLink.org Demo Demo …
  • 10. AFS Manager BeoLink.org Architecture Client • AJAX • Acrobat APACHE + PHP • XML • JSON • PHP >= 5 • SQL Lite AFS • Adm Command Line
  • 11. AFS Manager BeoLink.org Next Code • Java backend ? • PHP Library • Object Cache WebService Interface • Automatic volume layout • Re-Balance (replications, move volumes ..)
  • 14. PtServer BeoLink.org Overview Ptserver keeps user/group information • Ptserver contains entries for every user and group in the cell • Ptserver allocates AFS IDs for new user, machine and group entries and maps each ID to the corresponding name. • Ptserver generates a current protection subgroup (CPS) at the File Server's request. The CPS lists all groups to which a user or machine belongs Ubik is the openAFS database • Ubik is a single linear database • Ubik is automatically replicated across a number of servers. • Ubik is a ‘transactional’ database (supports fully distributed changes as long as a majority of the servers are up and are synchronized together in a write quorum)
  • 15. PtServer BeoLink.org Goals Create Pluggable user storage • Ubik • Ldap • Windows Create flexible user mapping • Mapping user id on existing system • Mapping group id on existing system
  • 16. PtServer BeoLink.org Winbind Winbind unifies UNIX and Windows NT account management by allowing a UNIX box to become a full member of an NT domain Authentication • NTLM • ADS (Kerberos) Users Information • Account info • ID mapping Groups Information • Group info • ID Mapping
  • 17. PtServer BeoLink.org Architecture Ptserver • Network Layer • AD Driver Windbind • Cache • IDMAP Engine IDMAP Storage • Ldap • ADS • File Domain Controller • Samba • WinNT/Win2*
  • 18. Overview BeoLink.org Demo Demo … high probability of crash ..
  • 19. PtServer BeoLink.org Advantages • Single identity (single storage) • id mapping • gid mapping • Real time update • Pluggable in existing infrastructure Disvantages • Reliability • Performance
  • 20. PtServer BeoLink.org Open points .. Licences • Load GPL 3 library, compatibility ? Performance • How many request per second ? Where to Store .. • Flags • Quota Group
  • 21. BeoLink.org Reference • For Further Questions: • Fabrizio Manfredi • fabrizio.manfredi@gmail.com manfred.furuholmen@gmail.com • http://www.beolink.org Too Long The End
  • 22. AD as IDM BeoLink.org IdMapping IDMAP SID<->UID/GID • LDAP • Internal (TDB) • ADS (SFU/RFC)