[SAC] LDAP organization help
Sandro Santilli
strk at kbt.io
Wed Sep 7 15:01:28 PDT 2022
On Wed, Sep 07, 2022 at 11:03:29AM +0200, Sandro Santilli wrote:
> We probably need better documentation, in general, about how LDAP
> database is organized.
>
> What we have so far is here:
> https://wiki.osgeo.org/wiki/SAC:LDAP#LDAP_structure
>
> From that view we have an "osgeo.org" organization
> (dc=osgeo,dc=org) containing the following
> "organizational units" (ou):
>
> - people
> - projects
> - svn
> - shell
>
> A common name (cn) "admin" in the "projects" organizational unit
> contains a group of names (objectClass=groupOfNames) representing,
> according to the entry description:
>
> osgeo sysadmin group
>
> That list has only 9 entries, of the 23 people listed as "active"
> on the wiki: https://wiki.osgeo.org/wiki/SAC#Active
> But that same wiki page says that the
> "authoritative list of current SAC administrators" is retrived
> by https://id.osgeo.org/ldap/shell?group=sac which basically lists
> the group of names in the "sac" common name in the "shell"
> organizational unit, which is, according to the entry description:
>
> Shell Access for OSGeo SAC
>
> so I'm not sure which services use which group of names to tell
> who's to have the powers to administer services.
To complicate things, there's another common name in the "shell"
organizational unit being "telascience", with description:
Shell Access to OSGeo TelaScience resources
That's the group shown by this url:
https://id.osgeo.org/ldap/shell
And that group is HUGE, suspiciously.
--strk;
More information about the Sac
mailing list