From: David Bussenschutt (d.bussenschutt@mailbox.gu.edu.au)
Date: Thu Jan 09 2003 - 21:58:51 CST
Hi Jennifer, (and others),
>Hi Everyone,
>
>I've got the LDAP authentication working well with NetReg. What a
>great piece of software-- thanks to all who contributed to the code!
>
>I have a few more questions for you all:
>
>1) Is anyone encrypting the communications between the NetReg scripts
>and the LDAP server using SSL? If so, could you explain how to set
>this up?
1) You need to change any code that refers to Net::LDAP to Net::LDAPS
2) you obviously need to also have the Net::LDAPS perl module installed
(which means you also need Net::SSLeay, and IO::Socket::SSL as these are
dependancies)
3) you need to make sure the Net::LDAPS->new( ... ) call has the right
parameters for connecting to your secure LDAP server. most likely you
won't have to change anything...but you might need to provide a
certificate or something...check the Net::LDAPS doco.
<snip>
>This would allow us to register machines ourselves at the
>beginning, and then roll it out to users after the initial deployment
>is finished.
<snip>
>3) Is anyone doing DHCP failover with their NetReg boxes?
We (Griffith Uni, with a little help from Lawrence uni and others) have
had 2 developers (and assistance of a dozen others for review etc) spend
the last 4 months completely re-writing/testing/implementing the netreg
code into what is known informally as "netreg2". It's massively more
"corporatized", and supports heaps more functions... including multiple
DHCP servers, DHCP failover, editing of the dhcpd.conf file via the web,
grouping of hosts, dynamic and static host registrations, database
back-end support, innumerable access controls based on function,
support-staff controlled registration/s etc etc.
It's current state is "alpha" code, but we "rolling it out" here , and
have "in production" 5 DHCP fail-over pairs (we have 5 campuses) ie 10
DHCPD servers (and one separate "registration" server that runs the
"dodgy" DNS, and web registration page/s), and we have about 20 class C
(ie /24) subnets that have been converted to this system. (more every
week). We'll have a couple of hundred /24 subnets and about 12-15,000
hosts by the time we are done rolling out. ;-)
I'd suggest having a look at our CVS source for http://www.sourceforge.net/projects/netreg
David
P.S. there are a number of bigish improvements that we've made in the last
week that aren't up in the CVS yet as we are still flushing the bugs out
of them, but they'll be there soon.
--------------------------------------------------------------------
David Bussenschutt Email: D.Bussenschutt@mailbox.gu.edu.au
Senior Computing Support Officer & Systems Administrator/Programmer
RedHat Certified Engineer.
Member of Systems Administrators Guild of Australia.
Location: Griffith University. Information Technology Services
Brisbane Qld. Aust. (Willett Centre rm0.36) Ph: (07)38757079
--------------------------------------------------------------------
**********************************************************************
To unsubscribe from this list, send an e-mail message to
majordomo@southwestern.edu containing a single line with the words:
unsubscribe netreg
Send requests for assistance to: owner-netreg@southwestern.edu
**********************************************************************
This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:38 CDT