Child pages
  • LDAP Group Admin
Skip to end of metadata
Go to start of metadata

LDAP Group Admin

Members

username

Name

hyfi

Pranav Gandhi

TODO

  • Investigate existing web interfaces for group modification.
  • Investigate a command line interface for modifying existing ldap groups.
  • Evaluate each one and select the one that is in line with our requirement.
  • Writing one ourselves is also a possibility.
  • Present to systems.

Status Report

  • This is already built into openldap. If we add a creator attribute to manageable groups, we can add a general rule to slapd.conf that allows that user to modify the group entry. Then group modification could be something along the lines of: `ldapmodify -D 'uid=hyfi,ou=People,dc=ccs,dc=neu,dc=edu' -W < modifygroup.ldif`
  • Where modifygroup.ldif would be the standard syntax for modifying ldap groups.
  • This can be abstracted to `addmember.sh crew hyfi florence ... aliukani`
  • Then this can be turned into a web interface at some point.

Timeline

Month

Goal

January 2013

Research all existing solutions Set up ldap server on crew-ldap.ccs.neu.edu

February 2013

Learn permissions in sldapd.conf

March 2013

Create scripted modifications, set up web interface

April 2013

Show it off

Requirements

  • Give authorized users ability to manage their own ldap groups using a convienent interface.

Benefits

  • Speeds up the process of ldap group modification for end users
  • Gives systems more time to work on other projects

Example (crew)

  • hyfi manages the group crew
  • It is a new semester and there are 5 new crew members
  • hyfi logs into groups.ccs.neu.edu and edits the members of the group crew

Example (tutoring)

  • It is a new semester and vanhorn wants to add new tutors to the group cs2500tutors
  • vanhorn logs into groups.ccs.neu.edu and removes all the old tutors
  • vanhorn adds new tutors into the group
  • No labels