Upload File

ldap synchronization connector (lsc)

Download LDAP Synchronization Connector (LSC)

If you can't read please download the document

Upload: jonathan-clarke

Post on 25-May-2015

2.548 views

Category:

Technology


3 download

Report

DESCRIPTION

Introducing the LSC project: context in IAM, Open Source project status, goals, principles and an example.

TRANSCRIPT

  • 1. 12/07/2009Jonathan [email protected]_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.org Page 1 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),%

2. IntroductionProvisioning for identity management is easy Just put all employee information in a directory!Simple, right? well, yes, but HRalreadyhassoftwarethatonlystoresidentityinformationinadatabaseWeuseActiveDirectoryforourdesktopsandweneedusers'identitiestheretooXYZsoftwarealreadyusesadifferentdirectory staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.org Page 2 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 3. IntroductionSeveral different identity repositoriesHow to make sure the same changes apply? New employees Name changes (marriage), transfers... Employees leaving Manual synchronization? Leads to a mess, leaving old accounts active Automatic synchronization? staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.org Page 3 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 4. IntroductionAutomatic synchronizationIt already exists, and works great Directory- / database-specific replication Application-specific connectors (AD, SAP, etc) What about the rest? Between different databases, directories, files ? Different data models ? Using standards : LDAP, SQL, etc... ?staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.org Page 4 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 5. About LDAP Synchronization ConnectorWhat is LSC?LDAP Synchronization ConnectorOpen Source projectBSD licenceWritten in Java4 years in the making1 year ago LSC-project.org created6 regular contributors Website: http://lsc-project.org staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.org Page 5 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 6. GoalsQuickly implement a new synchronizationHighly configurableWhat exactly do we read?Powerful transformations (correctness is important)What exactly do we write?Run fast (performance is important)Easy to setupstaticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.org Page 6 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 7. LSC synchronization principlesTwo levels of information per identityExistence equivalent to an account (LDAP entry)Identity specific details names, phone numbers(LDAP attributes) Synchronization operationsCreate: Add entries from source to destinationDelete: Delete entries from destination not in sourceUpdate: Compare and set specific details staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.org Page 7 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 8. Defining a synchronizationSource type: LDAP / SQL database / CSV file ?Population: Which users? Which pivot?Information: Attributes? Transformations ? staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.org Page 8 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 9. An example: MySQL to OpenLDAPMySQL: a simple users table (HR-style) FieldTypeValuesidINTAuto-incrementfirst_nameVARCHARJanelast_name VARCHARDoemarital_statusENUM Single/Married/DivorcedsalaryINT42000start_dateDATE 01/09/2009 staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.org Page 9 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 10. An example: MySQL to OpenLDAPConfiguring the source databaseJDBC connector: com.mysql.jdbc...URL, username, passwordSimple SQL request SELECT id AS uid, first_name AS givenName, last_name AS sn, start_date AS startDate FROM users staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.orgPage 10 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 11. An example: MySQL to OpenLDAPOpenLDAP: inetOrgPerson entries FieldTypeValuesgivenName String first_name(ex:Jane)snString last_name(ex:Doe)cnString LAST_NAMEfirst_name(ex:DOE,Jane)userPasswordBinarystringDefaultstoCHANGEMEuid String UniqueidfromMySQLtable staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.orgPage 11 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 12. An example: MySQL to OpenLDAPConfiguring the destination directorydst.java.naming.provider.url = ldap://localhost/dc=lsc-project,dc=orgdst.java.naming.security.authentication = simpledst.java.naming.security.principal = cn=Manager,dc=lsc-project,dc=orgdst.java.naming.security.credentials = secret staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.orgPage 12 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 13. An example: MySQL to OpenLDAPConfigure the synchronization taskSource directory searchinglsc.tasks = MyTasklsc.tasks.MyTask.type = db2ldaplsc.tasks.MyTask.dstService.baseDn = ou=Peoplelsc.tasks.MyTask.dstService.pivotAttrs = uidlsc.tasks.MyTask.dstService.filterAll = (uid=*)lsc.tasks.MyTask.dstService.attrs = uid sn cn givenName userPasswordlsc.tasks.MyTask.dstService.filterId = (uid={uid}) DN generationlsc.tasks.MyTask.dn = "uid=" + srcBean.getAttributeValueById("uid") + "ou=People" staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.orgPage 13 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 14. An example: MySQL to OpenLDAPConfiguration data transformations (syncoptions)lsc.syncoptions.MyTask.default.action = F lsc.syncoptions.MyTask.cn.force_value = srcBean.getAttributeValueById("sn").toUpperCase() + ", " + srcBean.getAttributeValueById("givenName") lsc.syncoptions.MyTask.userPassword.action = Klsc.syncoptions.MyTask.userPassword.default_value = SecurityUtils.hash(SecurityUtils.MD5, "CHANGEME") staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.orgPage 14 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 15. Software design Data TransformationTargetSourceBase de donnesAbstraction SQL Interface (IBATIS) Objet JDBCSrialisation (XML)Objet LDAP BEAN Annuaire Traitement LSC Moteur Objet JNDIObjet LDAP staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.orgPage 15 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 16. Features overviewSyncoptions offer unlimited possibilitesHash passwords (SSHA, MD5, etc)Active Directory specificities: UserAccountControl: deactivate accounts, force password changes, etc LastLogonTimestamp: detect unused accounts UnicodePwd: update passwords in AD-styleFilter accents: convert Hlne to Helene Anything else you can write in Java! staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.orgPage 16 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 17. Features overviewOperation conditionsPerform ADDs / UPDATEs / DELETEs conditionallyUse-cases:Update-only synchronizations(never create, never delete)Only update the password if it's changed Perform a LDAP bind operation to checkDelete an account after 60 days of inactivitystaticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.orgPage 17 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 18. RoadmapVersion 1.1 Now!Everything we've talked aboutWide-spread use, lots of feedbackVersion 1.2 August/September 2009Dynamic typing (remove LDAP objects generation)Version 1.3 / 1.4 and beyondNew configuration mechanismWrite to databasesPlugins staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.orgPage 18 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 19. Try it out! Get involved!Main website: http://lsc-project.org/Tutorials: quickstart demo, detailed tutorialsReference documentation staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.orgPage 19 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 20. Try it out! Get involved!Getting help (keep in touch!)Mailing lists: http://lists.lsc-project.org/IRC: #lsc-project on FreenodeDevelopment tools:Redmine forge: http://tools.lsc-project.org/Bugtracker, SVN repository Continuous build server Lots of tests based on OpenDS staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.orgPage 20 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 21. Success stories Private: Database to directory Active Directory 8 different instancesto OpenLDAPPublic: Oracle and MySQL to OpenLDAPCSV files to OpenLDAP 250 000 entries staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.orgPage 21 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),% 22. Thanks for your attention! Any questions?Jonathan [email protected] staticvoidsync_icache_030(addr_taddress,size_tlen){intl,off;char*p;uint32cacr;off=(unsignedint)address&(CACHELINE-1); len+=off;l=len;p=(char*)address-off;asm volatile("nop");asm volatile("movec %%cacr,%0":"=r"(cacr):);cacr|=0x00000004;/**/do{asm 12/07/2009http://lsc-project.orgPage 22 volatile("movec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrnaddq.l #4,%0nmovec %0,%%caarnmovec %1,%%cacrn"::"r"(p),"r"(cacr));p+= CACHELINE;} while((l-=CACHELINE)>0);asm volatile("nop");}staticvoidset_pgdir(void*rt) {long_page_directory_entryentry;*(uint64*)&entry=DFL_PAGEENT_VAL;entry.type=DT_ROOT;entry.addr=TA_TO_PREA(((addr_t)rt));asmvola tile("pmove(%0),%%srpnpmove(%0),%


Configuring Local Authentication Using LDAP - cisco.com · Configuring Local Authentication Using LDAP LocalauthenticationusingLightweightDirectoryAccessProtocol(LDAP)allowsanendpointtobe

LDAP Injection & Blind LDAP Injection in Web Applications

LDAP Synchronization Agent Configuration Guide

LDAP Server On Linux (Open LDAP Service)

IPv6 Support for LDAP...IPv6 Support for LDAP TheLightweightDirectoryAccessProtocol(LDAP)isanapplicationprotocolforaccessingandmaintaining distributeddirectoryinformationservicesoveranIPnetwork

LDAP Development Using Spring LDAP

Lucy LDAP Synchronization Tool

LDAP Injection & Blind LDAP Injection

wiki.i.gov.phwiki.i.gov.ph/iwiki/bin/download/Procurement/Projects/PQER... · synchronization using Liferay Sync Site Publishing ... LDAP authentication ... Provides Single Sign-on

LDAP Servers and Applications - HUMBUGquark.humbug.org.au/publications/ldap/ldap-apps-v2.pdf · LDAP Servers and Applications Brad Marshall [email protected] SAGE-AU

Arc Premium LDAP Synchronization - arcftp.com Operators will seamlessly integrate with a LDAP source, ... CUCM (Cisco Unified Communication ... To enable LDAP synchronization within

RMLL 2014 - LDAP Synchronization Connector

RDB Synchronization, Transcoding and LDAP Directory Services

Ldap Synchronization Connector @ 2011.RMLL

IBM Marketing Platformndoc.unica.com/products/platform/9_1_1/zh_cn/IBMMarketing... · 2017. 10. 10. · IBM Marketing Platform | Security | LDAP synchronization .....219 IBM Marketing

Lone Star College Enrollment by Delivery Method …...Official Day Summer 2016 LSC-CyFair LSC-Kingwood LSC-Montgomery LSC-North Harris LSC-Tomball LSC-University Park 0K 2K 4K 6K 8K

LDAP Synchronization Agent Configuration Guide · 2012. 5. 1. · CRYPTOCard works closely with channel partners to offer worldwide Technical Support services. If you ... Bristol,

[MS-UPSLDAP]: User Profile Synchronization (UPS): Lightweight … · 2018-10-01 · specifies the extensions to the Lightweight Directory Access Protocol (LDAP) [RFC2251] which are

Configuring AC Voca LDAP Synchronization · 11/8/2017  · AC Voca Cloud AC Voca On-premises 3.1 Running the LDAP Client Setup in AC Voca Cloud Mode The procedure below describes

Linux Technology Center 18 April 2003 © 2003 IBM LDAP Content Synchronization Kurt D. ZeilengaJong Hyuk Choi OpenLDAP ProjectIBM Research Title slide

WHY WE’RE BUILDING YET ANOTHER€¦ · SURFconext –Dutch identity ... End 2017/begin 2018 started building pilot environment with: COmanage SATOSA pyFF LSC (LDAP sync) CMservice

LDAP Synchronization Connector presentation at LDAPCon 2009

Quark.humbug.org.Au Publications Ldap Ldap-Theory

2018 · 2018-06-25 · -CyFair ∙ LSC Kingwood ∙ LSC -Montgomery ∙ LSC North Harris ∙ LSC -Tomball ∙ LSC University Park to our 2018 host, Lone Star College!

LDAP Synchronization Agent Configuration Guide · LDAP Synchronization Agent Configuration Guide 3 ... TCP Port 389 or 636 open between the LDAP Synchronization ... LDAP Synchronization

Voith LSC TecoScan and Voith LSC TecoSens Nonradioactive ...voith.com/br/Brochure_2012-05_en_voith_lsc_tecoscan_voith_lsc_tecosens.pdfVoith LSC TecoScan and Voith LSC TecoSens constitute

Introduction to LDAP - HUMBUGquark.humbug.org.au/publications/ldap/ldap_tut_v2.pdf · Introduction to LDAP – p.14/127. Global View LDAP Server 1 LDAP Server 2 LDAP Server 3 Note

LDAP Operation Guide - Brother Industriesdownload.brother.com/.../cv_mfc8510dn_eng_ldap_a.pdf · LDAP Operation Guide ... Microsoft, Windows, ... The solution is to have LDAP. LDAP,

Cloud Secure Integration with ADFS€¦ · SAN certificate should include the fqdn of PCS as well as ADFS. • AD/LDAP Server: AD/LDAP with directory synchronization enabled • Clients:

SafeNet Authentication Service Synchronization Agent ......Sync Agent Primary Host The details entered here are used to set the communication between the LDAP Directory Server (e.g

LDAP Injection & Blind LDAP Injection - ZenK-Security

Campus-wide Central Authentication using Directory Servicessiva/talks/ldap-iim.pdf · Motivation: Why LDAP? How LDAP works Managing LDAP How Applications use LDAP Campus-wide Central

LDAP Directory Services & Identity Management - OS3 · Maandag – UvA Directory Services – Historie LDAP – Theorie LDAP Woensdag – LDAP Theorie – LDAP Implementaties –

LDAP Injections & Blind LDAP Injections Paper

LDAP - Perl LDAP