Web-Based NT Administration
Via Perl
George Kuetemeyer
Thomas Jefferson University Hospital
TJU/H IT Infrastructure
- ATM network
- 5,000 PCs, Macs
- IBM mainframe
- Tandem mainframe
- Unix/Linux servers
- NT servers
- NetWare servers
Application Infrastructure
- Mail*Hub mail switch/X.500 directory
- Authentication
- Role data
- HP OpenMail (4,500 faculty/staff)
- CS&T OpenTime (2,100 clients)
- PeopleSoft
- IDX/Last Word
The Problem
- Migration from NetWare to NT
- NT admin tool issues
- NT security model issues
- Support staff training issues
- Competing business models
- Generalized fear and loathing
NT Admin Tool Issues
- GUI interface not ideal for batch updates
- Command line control limited
- Batch file scripting limited
- Scripting host proprietary
- Platform-limited remote control capabilities
NT Security Model Issues
- Not very granular (as exposed by the GUI tools)
- Not hierarchical (like NetWare 4.XX)
- No obvious link to our X.500 directory
- Didn't fit our IT support roles
Support Staff Training Issues
- GUI tools unfocused
- Command line approach not user friendly
Competing Business Models
- Microsoft's take on security different than ours
- Monolithic technology vs. diverse technologies
- Proprietary vs. open solutions
- Commercial vs. non-profit environments
Fear and Loathing
- Microsoft replaces our favorite technologies
- Microsoft replaces us
- 'The Dark Side' Syndrome
The Solution - Perl
- Powerful
- Cross platform
- Easy entrée to NT internals
- Roll our own admin tools
- Make them networkable
- Tie in our legacy systems
Phase 1 - Local Administration
- Standardize on Perl
- Start by 'back-ticking' various command line functions
- Replace with Perl/NT admin API packages as they become available
Useful NT Admin Packages
- Win32::NetAdmin.pm
- Win32API::Net.pm
- Win32::AdminMisc.pm
- Win32::DomainAdmin.pm
- Win32::FileSecurity.pm
Phase 2 - Remote Administration
- IO::Socket-based client
- inetd from Pragma Systems
  - Useful companion for pre-fork NT Perl
  - Also provides telnet daemon
- Perl-based request server called by inetd
- Server interfaces with modular "methods" package
- System can work with command line or web delivery mechanisms
Web Admin Overview
[Diagram: User Interface, CGI Processing, Client Process, Server Process, Authentication, Perl NT Methods, X.500 Directory, NT Environment]
Platform Overview
[Diagram: User Interface, CGI Processing, Client Process, Server Process, Authentication, Perl NT Methods, X.500 Directory, NT Environment; platform labels: NT, HP/UX, Linux/Apache]
NT Admin Walkthru
Create Client Object
```perl
use K_Client;

# Connect to the request server with the caller's credentials
my $client = K_Client->new(
    host     => 'pdc.jeff.com',
    port     => 2000,
    sender   => $param{'sender'},
    pwd      => $param{'pwd'},
    key_file => '/usr/local/keys/nt.txt',
);
```
NT Admin Walkthru
Send Request
```perl
$client->build_request(
    method => 'get_user_list',
    server => '',
);
my $ok    = $client->send_receive();
my $err   = $client->get_errorcode(0);
my @users = $client->get_result(0);
my $msg   = $client->get_msg(0);
return ($ok, $err, $msg, \@users);
```
NT Admin Walkthru
Server Object
```perl
use K_Server;
use K_Methods::NT_Admin;
use X500_Auth;

# Hosts allowed to submit requests (keys quoted: dotted barewords are not valid hash keys)
my $hosts = { 'www.jeff.edu' => 1, 'pdc.jeff.edu' => 1 };

my $methods = K_Methods::NT_Admin->new();
my $server  = K_Server->new(
    methods_obj => $methods,    # the slide passed an undeclared $admin here
    auth_sub    => \&X500_Auth::auth_client,
    work_dir    => 'd:/ntadmsrv',
    server_name => 'K_Server',
    log_file    => 'd:/logs/k_admin.log',
    key_file    => 'd:/keys/nt.txt',
    event_log   => 1,
    ok_hosts    => $hosts,
);
$server->handle_request();
```
NT Admin Walkthru
Methods data structure
```perl
$self->{'methods'} = {
    get_user_list => {
        method    => sub { $self->get_user_list(@_) },
        params    => [ 'server' ],
        role      => $ops,
        event_id  => 15,
        false_msg => sub { my %p = @_; return "Failed to get user list." },
        true_msg  => sub { my %p = @_; return "Got user list." },
    },
    # . . .
};
```
NT Admin Walkthru
Methods role attribute
```perl
$self->{'roles'} = {
    super_acct => 3,
    acct       => 2,
    ops        => 1,
    all        => 0,
};
```
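How a request server could enforce the `role` and `params` attributes of the methods table before calling a method, as an added example (not code from the presentation; K_Server's own checks are not shown on the slides). It assumes a caller is allowed when its role level is at least the method's level; `dispatch`, `%ROLES`, `%METHODS`, the stub method bodies and the sample requests are hypothetical.

```perl
use strict;
use warnings;

# Role levels as on the slide: a higher number means more privilege.
my %ROLES = (super_acct => 3, acct => 2, ops => 1, all => 0);

# Method table in the slide's shape; bodies are stand-ins (no Win32 modules needed).
my %METHODS = (
    get_user_list => {
        method    => sub { my %p = @_; return [qw(alice bob)] },
        params    => ['server'],
        role      => $ROLES{ops},
        false_msg => sub { 'Failed to get user list.' },
        true_msg  => sub { 'Got user list.' },
    },
    create_user => {
        method    => sub { my %p = @_; return 1 },
        params    => ['server', 'user', 'type'],
        role      => $ROLES{acct},
        false_msg => sub { my %p = @_; "Failed to create user $p{user}." },
        true_msg  => sub { my %p = @_; "Created user $p{user}." },
    },
);

# Hypothetical dispatcher: deny by default, then check role and parameters.
sub dispatch {
    my ($caller_role, $name, %args) = @_;
    my $m = $METHODS{$name} or return (0, 'Unknown method.');
    my $level = $ROLES{$caller_role};
    return (0, 'Unknown role.') unless defined $level;
    return (0, "Role '$caller_role' may not call $name.") if $level < $m->{role};
    my %allowed = map { $_ => 1 } @{ $m->{params} };
    my @bad = grep { !$allowed{$_} } sort keys %args;
    return (0, "Unexpected parameter(s): @bad") if @bad;
    my @missing = grep { !defined $args{$_} } @{ $m->{params} };
    return (0, "Missing parameter(s): @missing") if @missing;
    my $result = eval { $m->{method}->(%args) };
    return (0, $m->{false_msg}->(%args)) unless $result;
    return (1, $m->{true_msg}->(%args), $result);
}

# Constructed requests: an 'ops' caller may list users but not create them.
for my $req (['ops',  'get_user_list', server => ''],
             ['ops',  'create_user',   server => '', user => 'carol', type => 'user'],
             ['acct', 'create_user',   server => '', user => 'carol', type => 'user'],
             ['acct', 'get_user_list', server => '', extra => 1]) {
    my ($ok, $msg) = dispatch(@$req);
    print(($ok ? 'OK   ' : 'DENY '), "$req->[0] -> $req->[1]: $msg\n");
}
```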
NT Admin Walkthru
Core subroutine
```perl
# generate list of users
sub get_user_list {
    my $self   = shift;
    my %params = @_;
    my (@users);

    Win32::AdminMisc::GetUsers($params{'server'}, '', \@users);
    return \@users;
}
```
NT Admin Walkthru
Create Account
```perl
$client->build_request(
    method => 'create_user',
    server => '',
    user   => $param{'user'},
    type   => 'user',
    abort  => 1,
);
$client->build_request(
    method => 'set_user_pwd',
    server => '',
    user   => $param{'user'},
    pwd    => 'tmp_pass',
);
$ok   = $client->send_receive();
@msgs = $client->get_msgs();
return ($ok, \@msgs);
```
NT Admin Walkthru
Get Account Info
```perl
# Queue three requests, then send them in one exchange
$client->build_request(
    method => 'get_user_attrs',
    server => $params{'server'},
    user   => $params{'user'},
);
$client->build_request(
    method => 'get_user_global_groups',
    server => $params{'server'},
    user   => $params{'user'},
);
$client->build_request(
    method => 'get_global_groups',
    server => $params{'server'},
);

$ok        = $client->send_receive();
@msgs      = $client->get_msgs();
# Results are indexed in the order the requests were built
%attrs     = $client->get_result(0);
@user_grps = $client->get_result(1);
@grps      = $client->get_result(2);
return ($ok, \@msgs, \%attrs, \@user_grps, \@grps);
```
Project Results
- Our security policies enforced
- NT becomes part of larger IT infrastructure
- IT staff supports NT with minimal training
- Change effectively managed (Win2K)
- Innovation modulated by our business realities
NT Admin Futures
- Replace inetd with Perl fork
- Recode admin methods to support LDAP/Active Directory
- Spend more time on web client interface