NetworkDirectoryServicesConfiguration

Launchpad Entry: server-karmic-directory-service-configuration
Created:
Contributors:
Packages affected:

Summary

Release Note

Rationale

User stories

Assumptions

Design

Implementation

UI Changes

Code Changes

Migration

Test/Demo Plan

Unresolved issues

BoF agenda and discussion

UDS Karmic discussion

= Directory Integration for Services =

 * Services to automatically leverage the directory.
 
 * setup-kerberos-service script (domain-join)
  * Creates necessary Kerberos principals.
  * Get keytab from KDC.
   * Use /etc/keytab.d for keytab files.
   * One keytab per service. 
   * Where in the directory the service config options are.
  * Add DNS entry?
  * Modify service config file for Kerberos.
   * Enable GSSAPI.
  * Register service on the network.
  
  * Step 0: Discovery -- scripted.
   * DNS SRV records.
   * Use the rootDSE to identify an Ubuntu directory.
  * Step 1: Enable krb5
   * Add a principal for each packages service/s.
  * Step 2: Enable Directory (LDAP) service.
   * Configures local slapd to replicate the directory.
    * Only replicated needed objects for each service.
    * Use the caching overlay.
  
  
 * Packages
  * Samba
  * Postfix
  * Dovecot
  * OpenLDAP -- as a client.
  * OpenSSH
  * User Login.
  
 * How does each service dertermine the LDAP server location, credentials, etc.
  * DNS
  * debconf
  * Ask at install time.
  
 * Need X509 certificate for LDAP server.
  * Can also be done with SASL.
 
 * Enable traffic encryption after authentication.
 
 * Create a client certificate and publish it in the Directory.
  * Don't need a full CA for Karmic.

CategorySpec

NetworkDirectoryServicesConfiguration (last edited 2009-06-03 17:19:12 by 207)

Ubuntu Wiki

NetworkDirectoryServicesConfiguration

Summary

Release Note

Rationale

User stories

Assumptions

Design

Implementation

UI Changes

Code Changes

Migration

Test/Demo Plan

Unresolved issues

BoF agenda and discussion

UDS Karmic discussion