Archivio tag: activedirectory

Bookmarks for 28 feb 2015 from 19:57 to 20:29

These are my links for 28 feb 2015 from 19:57 to 20:29:

  • MDwiki – Markdown based wiki done 100% on the client via javascript – MDwiki is a CMS/Wiki completely built in HTML5/Javascript and runs 100% on the client. No special software installation or server side processing is required. Just upload the mdwiki.html shipped with MDwiki into the same directory as your markdown files and you are good to go!
  • Step by Step Installation and Configuration of OpenLDAP as Proxy to Active Directory | haroonferoze – This guide describes how to install and configure OpenLDAP as proxy to Active Directory.
  • Integrate Active Directory and OpenLDAP | Networking content from Windows IT Pro – OpenLDAP’s proxy service can allow LDAP operations to cross the boundaries between AD and OpenLDAP deployments. To demonstrate this proxy service, we walk through the steps to make AD’s cn=Users container, which by default contains all user objects, part of an OpenLDAP directory. To produce the examples in this article, I used CentOS 4.3, OpenLDAP 2.2.13, and AD running on Windows Server 2003 R2. Later in the article, I’ll show you a limitation in the commonly deployed OpenLDAP 2.2, which you can solve by installing OpenLDAP 2.3 on CentOS 4.3.
  • Let’s Chat — Self-hosted chat for small teams – WHAT IS THIS THING? Some backstory. Way back in 2012, we didn't like any of the existing chat services out there. So we decided to write our own. Let's Chat is a persistent messaging application that runs on Node.js and MongoDB. It's designed to be easily deployable and fits well with small, intimate teams. It's free (MIT licensed) and ships with killer features such as LDAP/Kerberos authentication, a REST-like API and XMPP support. Let's Chat is a side-project of the development team at Security Compass. (A real life 10% time project!)

Bookmarks for 5 nov 2014 from 10:48 to 13:51

These are my links for 5 nov 2014 from 10:48 to 13:51:

  • Configuring OpenLDAP pass-through authentication to Active Directory – Alex Tcherniakhovski – Security – Site Home – MSDN Blogs – This particular functionality of OpenLDAP should be of special interest for environments where long term co-existence between OpenLDAP and Active Directory is required. By establishing pass-through authentication the following advantages could be achieved: Great end-user experience. No need to remember multiple passwords Increased security, due to the reduction of the attack surface (one less password store in the environment) Single password policy The rest of the post will expand on the instructions provided by the OpenLDAP 2.4 Administration guide on establishing pass-through authentication from OpenLDAP to Active Directory. Specifically, will will leverage the capability of SASL to use LDAP as an authentication back-end. In our case, Active Directory will play a role of such authentication back-end.
  • Books – UNIX Systems Programming (BSD) – – ISBN 10: 0-937175-23-4 / ISBN 13: 9780937175231  O'Reilly & Associates January 1989 The following are made available for your personal, non-commercial use only. You may cite this document as a bibliographic reference in any works that you are writing. Any commercial use of this document, including printing and distribution to groups of people (such as a classroom) is prohibited without my prior written permission.
  • osquery – With osquery, you can use SQL to query low-level operating system information. Under the hood, instead of querying static tables, these queries dynamically execute high-performance native code. The results of the SQL query are transparently returned to you quickly and easily.
  • Boxupp – GUI tool to manage Puppet & Vagrant based project environments | Paxcel – Boxupp makes it easy for integrated management of development stacks over Vagrant and Puppet. Initially built over these two softwares, we plan to add support for more providers and provisioners * Integrated management environment for Vagrant and Puppet * Intelligence at its core * Simple Web GUI * Easy provisioning * Inbuilt console and editors * Start right from level zero ! * Share your configurations with team members.

Bookmarks for 22 ott 2014 from 11:21 to 11:34

These are my links for 22 ott 2014 from 11:21 to 11:34:

  • F*EX – File EXchange – F*EX (Frams' Fast File EXchange) is a service to send big (large, huge, giant, …) files from a user A to a user B. The sender uploads the file to the F*EX server using a WWW upload form and the recipient automatically gets a notification e-mail with a download-URL.
  • KandanApp – An Open Source Alternative to HipChat and so much more. Get your own private Chat server in minutes, plus additional features. No credit card required. A fast, secure and stable solution based on Rails. Free and open-source Distributed under the AGPL License.
  • Get MogoChat – Beautiful team chat app written in Elixir & Ember.js
  • — Pulse – Pulse Freedom in sync Pulse (previously Syncthing) replaces proprietary sync and cloud services with something open, trustworthy and distributed. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party, and how it's transmitted over the Internet. Free and Open Software. All source code is available on GitHub. What you see is what you get, there is no hidden funny business. Pulse Source Code For Mac, Windows, Linux, BSD, and Solaris Secure & Private, Free & Open, Easy to Use
  • Enterprise/Authentication/sssd – Ubuntu Wiki – The sssd authentication in Ubuntu works pretty decently. You can use it basically with any directory-style backend, including OpenLDAP, Kerberos, RedHat's FreeIPA and Microsoft's Active Directory. The good part about sssd is that it can be used to log into multiple directory services, so if you have some users in one directory, and the the rest in a different place, this works pretty decently in sssd. You can use it for single-server deployments with plain LDAP with servers or workstations (where you could as well go with pam-ldap and nss-ldap), but also, or especially for more sophisticated setups.

Bookmarks for 17 ott 2014 through 20 ott 2014

These are my links for 17 ott 2014 through 20 ott 2014:

  • microHOWTO: Configure Apache to use Kerberos authentication – To configure Apache to use Kerberos authentication Kerberos is an authentication protocol that supports the concept of Single Sign-On (SSO). Having authenticated once at the start of a session, users can access network services throughout a Kerberos realm without authenticating again. For this to work it is necessary to use network protocols that are Kerberos-aware. In the case of HTTP, support for Kerberos is usually provided using the SPNEGO authentication mechanism (Simple and Protected GSS-API Negotiation). This is also known as ‘integrated authentication’ or ‘negotiate authentication’. Apache does not itself support SPNEGO, but support can be added by means of the mod_auth_kerb authentication module.
  • How to create a bootable USB stick on OS X | Ubuntu – […] Note: this procedure requires that you create an .img file from the .iso file you download. It will also change the filesystem that is on the USB stick to make it bootable, so backup all data before continuing […]
  • thomastk/kunjumon – Kunjumon is a framework that can be used to create plugins for Nagios monitoring system, without writing any new code. The plugins thus created are robust, and, can monitor complex scenarios by querying data from multiple databases. While efforts to build such plugins would require considerable scripting work, using Kunjumon framework, a a plugin that pulls input data from databases can be implemented by defining it in XML format, and, there is no need to write any code to support it. The Kunjumon framework has been tested on all the Linux platforms, and against MySQL, Postgres, Oracle and Microsoft SQL Server. However, in general, it would work with any ODBC interface configured on the Nagios host to access a data repository.