Wednesday 3 June 2:00pm
Location: Old Union - Clubhouse
 |
|
 |
|
|
|
Location: Old Union - Clubhouse
Speaker: Simon Wilkinson
Title: Prometheus - LDAP based account provisioning
Abstract:
I'll present "Prometheus", an account provisioning system that I've
been developing for the School of Informatics at the University of Edinburgh.
Prometheus is an LDAP based provisioning system, which is designed to manage
a wide variety of user databases, including AFS's PTS and a Kerberos KDC. It is
highly flexible in the databases it supports, and permits very fine grained
delegation of control. It has a role-based access control model, and allows the
creation and management of roles by any authorized user. It is instance aware,
allowing users to create many instances of a primary account, request keytabs of
those instances, and delegate particular permission sets to individual
instances. Prometheus is designed to be a distributed as possible, permitting
provisioning of system maintained by disparate groups without requiring those
groups be trusted by the system itself.
This talk will discuss the design
goals behind Prometheus, provide an update on implementation progress, and
demonstrate a running system.
Slides: PDF