centralised authentication of linux servers and integrates with google work space
29 views
Skip to first unread message
Siva
Apr 9, 2021, 4:20:26 AM4/9/21
to ansible...@googlegroups.com
Hi All ,
Goodmorning .I am new to ansible and also to devops
My organisation wanted me to do centralised authentication of linux servers ,Vm 's ,vcenter for any employee joins the organisation and they want to integrate the same on the google workspace
Any inputs on this will be a great help for me to start with
Thanks in advance
--
Best Wishes
Sivapriya
Sivapriya
Michael Ströder
Apr 9, 2021, 5:38:04 AM4/9/21
to ansible...@googlegroups.com, Siva
On 4/9/21 10:20 AM, Siva wrote:
> Goodmorning .I am new to ansible and also to devops
> My organisation wanted me to do centralised authentication of linux servers
> ,Vm 's ,vcenter for any employee joins the organisation and they want to
> integrate the same on the google workspace
Some people will recommend to simply use modules user [1] and group [2]
> Goodmorning .I am new to ansible and also to devops
> My organisation wanted me to do centralised authentication of linux servers
> ,Vm 's ,vcenter for any employee joins the organisation and they want to
> integrate the same on the google workspace
to add user accounts to all your systems.
While I like automation via ansible this approach has deficiencies, e.g.
you have to provide unique UID and GID values in the inventory and thus
you need a database which enforces this uniqueness.
Off-topic:
Some people will recommend FreeIPA and there are some IPA-specific
ansible modules.
But I needed delegated administration and strict need-to-know
priniciple. Thus I've developed my own solution Æ-DIR (see
https://ae-dir.com/) which is based on OpenLDAP and has some more
components you need. Being the author I'm biased of course.
On-topic again: Æ-DIR is installed with ansible [3]. :-)
Ciao, Michael.
[1]
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/user_module.html
[2]
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/group_module.html
[3] https://www.ae-dir.com/install.html
Siva
Apr 9, 2021, 6:25:26 AM4/9/21
to Michael Ströder, ansible...@googlegroups.com
Thanks alot Michael ,Can we integrate with google workspace using open ldap and the thing to be noted is they don't want to spend money
Sorry to trouble you bys asking more
Best Regards,
Sivapriya
Best Wishes
Sivapriya
Sivapriya
Michael Ströder
Apr 9, 2021, 6:41:36 AM4/9/21
to Siva, ansible...@googlegroups.com
On 4/9/21 12:25 PM, Siva wrote:
> Can we integrate with google workspace using open ldap
> and the thing to be noted is they don't want to spend money
> Sorry to trouble you bys asking more
All the stuff I've mentioned is free software.
> Can we integrate with google workspace using open ldap
> and the thing to be noted is they don't want to spend money
> Sorry to trouble you bys asking more
I don't know whether integration with google workspace works. FreeIPA
and Æ-DIR both expose LDAP end-points to use with data suitable to be
used for NSS/PAM in Linux.
But this stuff is getting highly off-topic here.
Ciao, Michael.
Dipl.-Inform. D-76137 Karlsruhe, Germany
Tel.: +49 721 8304316 Mobil: +49 170 2391920
E-Mail: mic...@stroeder.com https://www.stroeder.com
Reply all
Reply to author
Forward
0 new messages