Bitbucket Server ãæ¢åã® LDAP ãã£ã¬ã¯ããªã«æ¥ç¶ãã
Bitbucket Server ãæ¢åã® LDAP ãŠãŒã¶ãŒ ãã£ã¬ã¯ããªã«æ¥ç¶ããããšãã§ããŸããããã«ãã£ãŠããšã³ã¿ãŒãã©ã€ãº ãã£ã¬ã¯ããªå ã®æ¢åã®ãŠãŒã¶ãŒãã°ã«ãŒãã Bitbucket Server ã§äœ¿çšã§ããŸããLDAP ãã£ã¬ã¯ããªã¯ããŠãŒã¶ãŒèªèšŒãšã¢ã«ãŠã³ã管çã®äž¡æ¹ã«äœ¿çšã§ããŸãã
Bitbucket Server ã¯æ¬¡ã® LDAP ãã£ã¬ã¯ã㪠ãµãŒãã¹ã«æ¥ç¶ã§ããŸãã
- Microsoft Active Directory
- Apache Directory Server (ApacheDS) 1.0.x ããã³ 1.5.x
- Apple Open Directory (èªã¿åãå°çš)
- Fedora Directory Server (èªã¿åãå°çš Posix Schema)
- Novell eDirectory ãµãŒã
- OpenDS
- OpenLDAP
- Open LDAP (èªã¿åãå°çš Posix Schema)
- Generic Posix/RFC2307 ãã£ã¬ã¯ã㪠(èªã¿åãå°çš)
- Sun Directory Server Enterprise Edition (DSEE)
- ä»»æã®æ±çš LDAP ãã£ã¬ã¯ã㪠ãµãŒããŒ
ãã®ããŒãžã®å 容
é¢é£ããŒãž
ãŠãŒã¶ãŒã« Bitbucket Server ãžã®ãã°ã€ã³ãèš±å¯ããã«ã¯ãAtlassian Bitbucket Server ãå€éšãã£ã¬ã¯ããªã«ã€ãªãã ãã§ã¯äžååã§ããã°ããŒãã«æš©éç»é¢ã§ Bitbucket Server ãžã®ã¢ã¯ã»ã¹ãæç€ºçã«ä»äžããå¿ èŠããããŸãã
æš©éãä»äžããéã¯ãåã ã®ã¢ã«ãŠã³ãã§ã¯ãªãã°ã«ãŒãã䜿çšããããšãããããããŸãã
ã©ã€ã»ã³ã¹ã®èæ ®äºé
Bitbucket Server ãå€éšãã£ã¬ã¯ããªã«æ¥ç¶ããéã«ã¯ãBitbucket Server ã©ã€ã»ã³ã¹ã§èš±å¯ãããŠãããããå€ãã®ãŠãŒã¶ãŒã« Bitbucket Server ãžã®ã¢ã¯ã»ã¹ãèš±å¯ããªãããã«ã泚æãã ãããã©ã€ã»ã³ã¹ã®äžéãè¶ ãããšãéçºè ã¯ã³ãããããªããžããªã«ããã·ã¥ã§ããªããªããBitbucket Server ã«ã¯èŠåã¡ãã»ãŒãžã衚瀺ãããŸãããã® FAQ ãåç §ããŠãã ããã
Bitbucket Server ã LDAP ãã£ã¬ã¯ããªã«åããŠæ¥ç¶ãããšãã®åæ
Bitbucket Server ãæ¢åã® LDAP ãã£ã¬ã¯ããªã«åããŠæ¥ç¶ãããšãBitbucket Server ã®å éšãã£ã¬ã¯ããªã LDAP ãã£ã¬ã¯ããªãšåæãããŸãããŠãŒã¶ãŒæ å ± (ã°ã«ãŒããã°ã«ãŒãã®ã¡ã³ããŒã·ãããå«ã) ã¯ãBitbucket Server å šäœã«ã³ããŒãããŸãã
ã¢ãã©ã·ã¢ã³ã§ã¯ã瀟å ã®ããŒã«ã« ãããã¯ãŒã¯ã§ã10,000 ãŠãŒã¶ãŒã1000 ã°ã«ãŒãã200,000 ã¡ã³ããŒã·ããã§æ§æããã Active Directory ãµãŒããŒãšã®åæã®å éšãã¹ãã宿œããŸããããã®çµæãååã®åæã¯çŽ 5 åãããããšã確èªããŸãããåŸã«AD ãµãŒããŒäžã§ 100 åã®å€æŽãè¡ã£ãå Žåã®åæã¯ãæ°ç§ã§å®äºããŸããã以éã®ãªãã·ã§ã³ãåç §ããŠãã ããã
Bitbucket Server ã LDAP ãã£ã¬ã¯ããªã«æ¥ç¶ãããŠããå ŽåãBitbucket Server ã§ãŠãŒã¶ãŒã®è©³çŽ°ãæŽæ°ããããšã¯ã§ããŸãããæŽæ°ã¯ãApache Directory Studio ãªã©ã® LDAP ãã©ãŠã¶ ããŒã«ã䜿çšããŠãLDAP ãã£ã¬ã¯ããªäžã§çŽæ¥å®è¡ããå¿ èŠããããŸãã
ãªãã·ã§ã³ - LDAP ãã£ã«ã¿ãŒã䜿çšããŠåæããããŠãŒã¶ãŒãã°ã«ãŒãã®æ°ãå¶éãã
LDAP ãã£ã«ã¿ãŒã䜿çšããŠãBitbucket Server ã®å éšãã£ã¬ã¯ããªã«åæããããŠãŒã¶ãŒãã°ã«ãŒããå¶éã§ããŸããBitbucket Server ã«ã¢ã¯ã»ã¹ã§ãããŠãŒã¶ãŒãã°ã«ãŒããå¶éãããå Žåããåæã®ããã©ãŒãã³ã¹ãæžå¿µããŠããå Žåã«æšå¥šãããŸããÂ
ããšãã°ã"bitbucket_user" ãŸã㯠"red_team", ãšããååã®ã°ã«ãŒãã®ã¿ã«åæãå¶éããã«ã¯ãGroup Object Filter ãã£ãŒã«ãã«ä»¥äžãå ¥åããŸã (以éã®ãã°ã«ãŒã ã¹ããŒãã®èšå®ããåç §)ã
(&(objectClass=group)(|(cn=bitbucket_user)(cn=red_team)))
ãã£ã«ã¿ãŒã®è©³çްãäŸã«ã€ããŠã¯ããLDAP æ€çŽ¢ãã£ã«ã¿ãŒã®äœææ¹æ³ããåç §ããŠãã ããããããã®äŸãåçŽã«ã³ããŒããã®ã§ã¯ãªããèªèº«ã®ãã£ã¬ã¯ã㪠ããªãŒã«ããããŸããŸãªã³ã³ããã屿§ãããã³ãªããžã§ã¯ã ã¯ã©ã¹ã®ååãç¥ã£ãŠããå¿ èŠããããŸããApache Directory Studio ãªã©ã®ããŒã«ã䜿çšããŠãã®ãããªã³ã³ããåãèŠã€ããããšãã§ããŸãã
ãŠãŒã¶ãŒããã°ã€ã³ã詊ã¿ããšãã®èªèšŒ
ãŠãŒã¶ãŒã Bitbucket Server ãžã®ãã°ã€ã³ã詊ã¿ãåæãå®äºãããšãBitbucket Server ã¯ãã®ãŠãŒã¶ãŒããã®å éšãã£ã¬ã¯ããªå ã«ååšããããšã確èªãããŠãŒã¶ãŒã®ãã¹ã¯ãŒãã確èªã®ããã« LDAP ãã£ã¬ã¯ããªã«æž¡ããŸãããã¹ã¯ãŒãããŠãŒã¶ãŒçšã«ä¿åãããŠãããã¹ã¯ãŒããšäžèŽããå ŽåãLDAP 㯠Bitbucket ã«ç¢ºèªãè¿ããBitbucket Server ã¯ãŠãŒã¶ãŒããã°ã€ã³ãããŸãããŠãŒã¶ãŒã®ã»ãã·ã§ã³äžããã¹ãŠã®èªèšŒ (äŸ: ãªããžããªããã« ãªã¯ãšã¹ãã管çç»é¢ãªã©ã® Bitbucket Server ãªãœãŒã¹ãžã®ã¢ã¯ã»ã¹) ã¯ãå éšãã£ã¬ã¯ããªå ã§ Bitbucket Server ã«ãã£ãŠç®¡çãããæš©éã«åºã¥ããŠãBitbucket Server ã§åŠçãããŸãã
Bitbucket Server ãæ¥ç¶ãã
Bitbucket Server ã LDAP ãã£ã¬ã¯ããªã«æ¥ç¶ããæ¹æ³
- "管ç" æš©éãæã€ãŠãŒã¶ãŒãšããŠãã°ã€ã³ããŸãã
- Bitbucket Server ã®ç®¡çé åã§ã[ã¢ã«ãŠã³ã] é äžã® [ãŠãŒã¶ãŒ ãã£ã¬ã¯ããª] ãã¯ãªãã¯ããŸãã
- [ãã£ã¬ã¯ããªã®è¿œå ] ãã¯ãªãã¯ãããã£ã¬ã¯ã㪠ã¿ã€ããšã㊠[Microsoft Active Directory] ãŸã㯠[LDAP] ãéžæããŸãã
- 以äžã®è¡šã§èª¬æãããŠããããã«ãã£ã¬ã¯ããªèšå®ãæ§æããŸãã
- ãã£ã¬ã¯ããªèšå®ãä¿åããŸãã
- "ãŠãŒã¶ãŒ ãã£ã¬ã¯ããª" ç»é¢ã§åãã£ã¬ã¯ããªã®æšªã«ããéè²ã®ç¢å°ãã¯ãªãã¯ããŠããã£ã¬ã¯ããªã®é åºãå®çŸ©ããŸãããã£ã¬ã¯ããªé ã¯æ¬¡ã®ããã«åœ±é¿ããŸãã
- ãã£ã¬ã¯ããªã®é åºã¯ããŠãŒã¶ãŒããã³ã°ã«ãŒãã®æ€çŽ¢é åºã§ãã
- ãŠãŒã¶ãŒããã³ã°ã«ãŒããžã®å€æŽã¯ãã¢ããªã±ãŒã·ã§ã³ã倿޿š©éãæã€æåã®ãã£ã¬ã¯ããªã«å¯ŸããŠã®ã¿è¡ãããŸãã
ãµãŒããŒèšå®
èšå® | 説æ |
---|---|
åå | LDAP ãã£ã¬ã¯ã㪠ãµãŒããŒãèå¥ããã®ã«åœ¹ç«ã€ããããããååãå ¥åããŸããäŸïŒ
|
ãã£ã¬ã¯ã㪠ã¿ã€ã | æ¥ç¶ãã LDAP ãã£ã¬ã¯ããªã®ã¿ã€ããéžæããŸããæ°ãã LDAP æ¥ç¶ã远å ããå Žåãããã§éžæããå€ã«ãã£ãŠãç»é¢ã®æ®ãã®ãªãã·ã§ã³ã®å€ãã®ããã©ã«ãå€ã決å®ããŸããäŸïŒ
|
ãã¹ãå | ãã£ã¬ã¯ã㪠ãµãŒãã®ãã¹ãåãäŸïŒ
|
ããŒã | ãã£ã¬ã¯ã㪠ãµãŒããŒããªã¹ã³ããããŒããäŸïŒ
|
SSL ã䜿çšãã | ãã£ã¬ã¯ã㪠ãµãŒããŒãžã®æ¥ç¶ã SSL (Secure Sockets Layer) æ¥ç¶ã®å Žåã¯ããªã³ã«ããŸãããã®èšå®ã䜿çšããã«ã¯ãSSL èšŒææžãèšå®ããå¿ èŠããããŸãã |
ãŠãŒã¶å | ãã£ã¬ã¯ã㪠ãµãŒããŒã«æ¥ç¶ããéã«ã¢ããªã±ãŒã·ã§ã³ã䜿çšãããŠãŒã¶ãŒã®èå¥åãäŸïŒ
ããã©ã«ãã§ã¯ããã¹ãŠã®ãŠãŒã¶ãŒã uSNChanged 屿§ãèªã¿åãããšãã§ããŸãããã ãã管çè ãŸãã¯é¢é£ããæš©éãæã€ãŠãŒã¶ãŒã®ã¿ãå逿žã¿ãªããžã§ã¯ã ã³ã³ããã«ã¢ã¯ã»ã¹ããããšãã§ããŸãããŠãŒã¶ãŒã LDAP ã«æ¥ç¶ããã®ã«å¿ èŠãªç¹å®ã®æš©éã¯ãããã€ã³ããããã³ãèªã¿åããïŒãŠãŒã¶ãŒæ å ±ãã°ã«ãŒãæ å ±ãã°ã«ãŒã ã¡ã³ããŒã·ãããæŽæ°ã·ãŒã±ã³ã¹çªå·ãå逿žã¿ãªããžã§ã¯ãïŒã§ãããããã¯ãActive Directory ã®çµã¿èŸŒã¿ã®ç®¡çè ã°ã«ãŒãã®ã¡ã³ããŒã§ãããŠãŒã¶ãŒãååŸããããšãã§ããŸãã ãããã®æš©éãæããªããŠãŒã¶ãŒã Active Directory ã«ã¢ã¯ã»ã¹ãããšãã€ã³ã¯ãªã¡ã³ã¿ã«åæã¯ãµã€ã¬ã³ãã«å€±æããããšã«æ³šæããŠãã ããããã㯠CWD-3093 ãšããŠå ±åãããŠããŸãã |
ãã¹ã¯ãŒã | äžèšã§æå®ãããŠãŒã¶ãŒã®ãã¹ã¯ãŒãã æ³šïŒ LDAP ãµãŒããŒãžã®æ¥ç¶ã§ã¯ããã®ã¢ããªã±ãŒã·ã§ã³ãããã§èšå®ããããŠãŒã¶ãŒåãšãã¹ã¯ãŒãã§ãµãŒããŒã«ãã°ã€ã³ããå¿ èŠããããŸããçµæãšããŠããã®ãã¹ã¯ãŒãã¯äžæ¹åã«ããã·ã¥åããããšãã§ããŸããããã®ã¢ããªã±ãŒã·ã§ã³ã®ã³ã³ããã¹ãã§å埩å¯èœã§ããå¿ èŠããããŸãããã¹ã¯ãŒãã¯çŸåšãé£èªåãããŠããªããã¬ãŒã³ ããã¹ãã§ããŒã¿ããŒã¹ã«ä¿åãããŠããŸããã»ãã¥ãªãã£ãä¿èšŒããã«ã¯ãä»ã®ããã»ã¹ããã®ã¢ããªã±ãŒã·ã§ã³ã®ããŒã¿ããŒã¹ãŸãã¯èšå®ãã¡ã€ã«ã«å¯Ÿãã OS ã¬ãã«ã®èªã¿åãæš©éãæã£ãŠããªãããšã確èªããå¿ èŠããããŸãã |
LDAP ã¹ããŒã
èšå® | 説æ |
---|---|
ããŒã¹ DN | ãã£ã¬ã¯ã㪠ãµãŒããŒã«å¯ŸããŠã¯ãšãªãå®è¡ããå Žåã«äœ¿çšããã«ãŒãèå¥åïŒDNïŒãäŸïŒ
|
远å ã®ãŠãŒã¶ãŒ DN | ãã®å€ã¯ããŠãŒã¶ãŒã®æ€çŽ¢ããã³èªã¿èŸŒã¿æã«ãããŒã¹ DN ã«å ããŠäœ¿çšãããŸããå€ãæäŸãããªãå ŽåããµãããªãŒæ€çŽ¢ã¯ããŒã¹ DN ããéå§ãããŸããäŸïŒ
|
远å ã®ã°ã«ãŒã DN | ãã®å€ã¯ãã°ã«ãŒãã®æ€çŽ¢ããã³èªã¿èŸŒã¿æã«ãããŒã¹ DN ã«å ããŠäœ¿çšãããŸããå€ãæäŸãããªãå ŽåããµãããªãŒæ€çŽ¢ã¯ããŒã¹ DN ããéå§ãããŸããäŸïŒ
|
远å ã®ãŠãŒã¶ãŒ DN ãŸãã¯è¿œå ã®ã°ã«ãŒã DN ã«å€ãæå®ãããŠããªãå ŽåããµãããªãŒæ€çŽ¢ãããŒã¹ DN ããå§ãŸããŸãããã£ã¬ã¯ããªæ§é ã巚倧ãªå Žåããã°ã€ã³ããã³å®æœããããã°ã€ã³ã«äŸåããæäœã«ã€ããŠãããã©ãŒãã³ã¹ã®åé¡ãçããå¯èœæ§ããããŸãã
LDAP æš©é
èšå® | 説æ |
---|---|
èªã¿åãå°çš | LDAP ãŠãŒã¶ãŒãã°ã«ãŒããã¡ã³ããŒã·ããã¯ããã£ã¬ã¯ã㪠ãµãŒããŒããååŸããããã£ã¬ã¯ã㪠ãµãŒããŒãä»ããŠã®ã¿å€æŽããããšãã§ããŸããã¢ããªã±ãŒã·ã§ã³ç®¡çç»é¢ãã LDAP ãŠãŒã¶ãŒãã°ã«ãŒãããŸãã¯ã¡ã³ããŒã·ããã倿Žããããšã¯ã§ããŸããã |
ããŒã«ã« ã°ã«ãŒãã§ã®èªã¿åãå°çš | LDAP ãŠãŒã¶ãŒãã°ã«ãŒããã¡ã³ããŒã·ããã¯ããã£ã¬ã¯ã㪠ãµãŒããŒããååŸããããã£ã¬ã¯ã㪠ãµãŒããŒãä»ããŠã®ã¿å€æŽããããšãã§ããŸããã¢ããªã±ãŒã·ã§ã³ç®¡çç»é¢ãã LDAP ãŠãŒã¶ãŒãã°ã«ãŒãããŸãã¯ã¡ã³ããŒã·ããã倿Žããããšã¯ã§ããŸããããã ããå éšãã£ã¬ã¯ããªã«ã°ã«ãŒãã远å ãããããã®ã°ã«ãŒãã« LDAP ãŠãŒã¶ãŒã远å ããããšãã§ããŸãã |
é«åºŠãªèšå®
以éã«èšèŒãããŠãã [Manage User Status Locally] ãªãã·ã§ã³ã¯ Bitbucket Server å ã§åäœããŸããããã®ãªãã·ã§ã³ãæå¹ã«ããªãã§ãã ããã
èšå® | 説æ |
---|---|
Enable Nested Groups | å ¥ãåã°ã«ãŒãã®ãµããŒããæå¹ãŸãã¯ç¡å¹ã«ããŸãã ããã€ãã®ãã£ã¬ã¯ããªãµãŒããŒã¯ãã°ã«ãŒããå¥ã®ã°ã«ãŒãã®ã¡ã³ããŒãšããŠå®çŸ©ããããšãèš±å¯ããŸãããã®ãããªæ§é ã®ã°ã«ãŒãã¯å
¥ãåã°ã«ãŒããšåŒã°ããŸããå
¥ãåã°ã«ãŒãã¯ã1 ã€ã®èŠªã°ã«ãŒããããã®ãµãã°ã«ãŒããžã®æš©éã®ç¶æ¿ãèš±å¯ããæš©éãã·ã³ãã«ã«ããŸãã
|
ãŠãŒã¶ãŒ ã¹ããŒã¿ã¹ãããŒã«ã«ã§ç®¡çãã | true ã®å Žåããã£ã¬ã¯ã㪠ãµãŒããŒå ã®ã¹ããŒã¿ã¹ã«é¢ä¿ãªããCrowd ã§ãŠãŒã¶ãŒãã¢ã¯ãã£ãå/éã¢ã¯ãã£ãåã§ããŸãã |
æéåãã®ãŠãŒã¶ãŒãé€å€ãã | true ã®å ŽåãActiveDirectory ã§æéåããšããŠããŒã¯ããããŠãŒã¶ãŒ ã¢ã«ãŠã³ããèªåçã«åé€ãããŸãããã£ãã·ã¥ããããã£ã¬ã¯ããªã®å ŽåããŠãŒã¶ãŒã®åé€ã¯ãã¢ã«ãŠã³ãã®æå¹æéæ¥åŸã®æåã®åæäžã«è¡ãããŸãã æ³šïŒ ããã¯çµã¿èŸŒã¿ Crowd 2.0.0 以äžã§å©çšå¯èœã§ããã2.0.0 m04 ãªãªãŒã¹ã§ã¯å©çšã§ããŸããã |
ããŒãžã³ã°ãããçµæãäœ¿çš | æ€çŽ¢çµæãã·ã³ãã«ã«ããŒãžã³ã°ãã LDAP å¶åŸ¡æ¡åŒµæ©èœã®äœ¿çšãæå¹ãŸãã¯ç¡å¹ã«ããŸããããŒãžã³ã°ãæå¹ã«ãªã£ãŠããå Žåãæ€çŽ¢ã«ãã£ãŠäžåºŠã«ãã¹ãŠã®æ€çŽ¢çµæãååŸãããã®ã§ã¯ãªããããŒã¿ã®ã»ãããååŸãããŸããå¿ èŠãªããŒãžãµã€ãºãã€ãŸããããŒãžã³ã°ãããçµæãæå¹ã§ããå ŽåãããŒãžããšã«è¿ãããæ€çŽ¢çµæã®æå€§æ°ãå ¥åããŸããæ¢å®ã¯ 1000 ã§ãã |
ç §äŒã«åŸã | ãã£ã¬ã¯ã㪠ãµãŒããŒããªã¯ãšã¹ããå¥ã®ãµãŒããŒã«ãªãã€ã¬ã¯ãããããšãèš±å¯ãããã©ãããéžæããŸãããã®ãªãã·ã§ã³ã¯ãããŒãç
§äŒ (JNDI ã«ãã¯ã¢ãã |
ãã€ãã£ã DN ãããã³ã° | ãã£ã¬ã¯ã㪠ãµãŒããŒãè¿ã DN ã®æåå衚çŸãäžè²«ããŠããå Žåããã€ãã£ã DN ãããã³ã°ãæå¹åã§ããŸãããã€ãã£ã DN ãããã³ã°ã¯ããã©ãŒãã³ã¹ã倧å¹
ã«æ¹åãããŸãããã®ãããå¯èœãªå Žåã¯æå¹åããããšããå§ãããŸãã
|
Enable Incremental Synchronization | ãã£ã¬ã¯ããªã®åææã«ãååã®åæãç §äŒãããŠããã®å€æŽã®ã¿ãå¿ èŠãªå Žåãã€ã³ã¯ãªã¡ã³ã¿ã«åæãæå¹åããŸãã
ãããã®æ¡ä»¶ã®å°ãªããšã1ã€ãæºããããªãå ŽåãActive Directory ã«è¿œå ãããïŒãŸãã¯åé€ãããïŒãŠãŒã¶ãŒã¯ãã¢ããªã±ãŒã·ã§ã³å ã§ãããã远å ïŒãŸãã¯åé€ïŒãããã«çµãããŸãã ãã®èšå®ã¯ããã£ã¬ã¯ããªã®ã¿ã€ãããMicrosoft Active Directoryãã«èšå®ãããŠããå Žåã«å©çšã§ããŸãã |
Synchronization Interval (minutes) | åæãšã¯ãã¢ããªã±ãŒã·ã§ã³ããŠãŒã¶ãŒ ããŒã¿ã®å éšã¹ãã¢ããã£ã¬ã¯ã㪠ãµãŒãäžã®ããŒã¿ã§æŽæ°ããããã»ã¹ã§ããã¢ããªã±ãŒã·ã§ã³ã¯ x åããšã«ãã£ã¬ã¯ã㪠ãµãŒããŒã«ãªã¯ãšã¹ããéä¿¡ããŸããx ã¯ããã§æå®ããæ°å€ã§ããæ¢å®å€ã¯60åã§ãã |
èªã¿èŸŒã¿ã¿ã€ã ã¢ãŠãïŒç§ïŒ | ã¬ã¹ãã³ã¹ãåä¿¡ãããŸã§ã«åŸ æ©ããæéïŒç§ïŒãæå®ãããæéå ã«ã¬ã¹ãã³ã¹ããªãå Žåãèªã¿èŸŒã¿è©Šè¡ã¯äžæ¢ãããŸããå€ã0ïŒãŒãïŒã«ãããšãç¡å¶éã«ãªããŸããããã©ã«ãå€ã¯120ç§ã§ãã |
æ€çŽ¢ã¿ã€ã ã¢ãŠãïŒç§ïŒ | æ€çŽ¢æäœããã®ã¬ã¹ãã³ã¹ãåä¿¡ãããŸã§ã«åŸ æ©ããæé (ç§)ãå€ã 0 (ãŒã) ã«ãããšãç¡å¶éã«ãªããŸããæ¢å®å€ã¯ 60 ç§ã§ãã |
æ¥ç¶ã¿ã€ã ã¢ãŠãïŒç§ïŒ | ãã®èšå®ã¯2ã€ã®æäœã«åœ±é¿ããŸããããã©ã«ãå€ã¯0ã§ãã
|
ãŠãŒã¶ãŒ ã¹ããŒãèšå®
èšå® | 説æ |
---|---|
ãŠãŒã¶ãŒ ãªããžã§ã¯ã ã¯ã©ã¹ | ãã㯠LDAP ãŠãŒã¶ãŒ ãªããžã§ã¯ãã«äœ¿çšãããã¯ã©ã¹åã§ããäŸïŒ
|
ãŠãŒã¶ãŒ ãªããžã§ã¯ã ãã£ã«ã¿ | ãŠãŒã¶ãŒ ãªããžã§ã¯ããæ€çŽ¢ãããšãã«äœ¿çšãããã£ã«ã¿ãŒãäŸïŒ
ãã®ä»ã®äŸã¯ããã¬ããžããŒã¹ã§ç¢ºèªã§ããŸãããLDAP æ€çŽ¢ãã£ã«ã¿ãŒã®äœææ¹æ³ããã芧ãã ããã |
ãŠãŒã¶ãŒå屿§ | ãŠãŒã¶ãŒåãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
åèïŒ Active Directory ã§ã¯ããsAMAccountNameããããŠãŒã¶ãŒ ãã°ã€ã³åïŒWindows 2000 以åïŒããã£ãŒã«ãã§ãããŠãŒã¶ãŒ ãã°ã€ã³åãã£ãŒã«ãã¯ãcnãã§åç §ãããŸãã |
ãŠãŒã¶ãŒå RDN 屿§ | ãŠãŒã¶ãŒåãããŒããããšãã«äœ¿çšãã RDN (çžå¯Ÿèå¥å)ãå LDAP ãšã³ããªã® DN 㯠2 ã€ã®éšå (èšé²ãæ ŒçŽããã RDN ããã³ LDAP ãã£ã¬ã¯ããªå ã®å Žæ) ã§æ§æãããŸããRDN ã¯ãã£ã¬ã¯ããªããªãŒæ§é ãšé¢ä¿ãªã DN ã®äžéšã§ããäŸ:
|
ãŠãŒã¶ã®å屿§ | ãŠãŒã¶ãŒã®åãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒã®å§å±æ§ | ãŠãŒã¶ãŒã®å§ãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒã®è¡šç€ºå屿§ | ãŠãŒã¶ãŒã®æ°åãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒã®ã¡ãŒã«å±æ§ | ãŠãŒã¶ãŒã®ã¡ãŒã«ã¢ãã¬ã¹ãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒã®ãã¹ã¯ãŒã屿§ | ãŠãŒã¶ãŒã®ãã¹ã¯ãŒããèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒ ãŠããŒã¯ ID 屿§ | 屿§ã¯ããŠãŒã¶ãŒ ãªããžã§ã¯ãã«å¯Ÿããäžæãã€äžå€ã® ID ãšããŠäœ¿çšãããŸããããã¯ããªãã·ã§ã³ã§ããããŠãŒã¶ãŒåã®å€æŽã®è¿œè·¡ã«äœ¿çšãããŸãããã®å±æ§ãèšå®ãããŠããªãå Žå (ãŸãã¯ç¡å¹ãªå€ã«èšå®ãããŠããå Žå)ããŠãŒã¶ãŒåã¯æ€åºãããŸããããŠãŒã¢ãŒã®åé€åŸã®æ°ãããŠãŒã¶ãŒã®è¿œå ãšããŠè§£éãããŸãã ããã¯éåžžãUUID å€ãæããŠããå¿ èŠããããŸããæšæºæºæ LDAP ãµãŒããŒã¯ããããentryUUIDããšããŠå®è£ ããŸããããã¯RFC 4530ã«åŸããŸããäžéšã®ãµãŒããŒã§ã¯ç°ãªãååã§ç¥ãããŠããããããã®èšå®ãååšããŸãïŒMicrosoft Active Directory ã§ã¯objectGUIDïŒã |
Â
Â
ã°ã«ãŒã ã¹ããŒãèšå®
èšå® | 説æ |
---|---|
ã°ã«ãŒã ãªããžã§ã¯ã ã¯ã©ã¹ | ãã㯠LDAP ã°ã«ãŒã ãªããžã§ã¯ãã«äœ¿çšãããã¯ã©ã¹åã§ããäŸïŒ
|
ã°ã«ãŒã ãªããžã§ã¯ã ãã£ã«ã¿ãŒ | ã°ã«ãŒã ãªããžã§ã¯ããæ€çŽ¢ãããšãã«äœ¿çšãããã£ã«ã¿ãŒãäŸïŒ
|
ã°ã«ãŒãå屿§ | ã°ã«ãŒãåãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ã°ã«ãŒã説æå±æ§ | ã°ã«ãŒãåãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸ:
|
ã¡ã³ããŒã·ãã ã¹ããŒãèšå®
èšå® | 説æ |
---|---|
ã°ã«ãŒã ã¡ã³ããŒ å±æ§ | ã°ã«ãŒãã®ã¡ã³ããŒãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒ ã¡ã³ããŒã·ãã屿§ | ãŠãŒã¶ãŒã®ã°ã«ãŒããèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒã®ã°ã«ãŒã ã¡ã³ããŒã·ãããæ€çŽ¢ããéã«ããŠãŒã¶ãŒ ã¡ã³ããŒã·ãã屿§ã䜿çšãã | ãã£ã¬ã¯ã㪠ãµãŒããŒããŠãŒã¶ãŒã®ã°ã«ãŒã ã¡ã³ããŒã·ããããµããŒãããŠããå Žåã«ããã®ããã¯ã¹ãéžæããŸã (æ¢å®ã§ã¯ãããã "
|
ã°ã«ãŒãã®ã¡ã³ããŒãæ€çŽ¢ããéã«ããŠãŒã¶ãŒ ã¡ã³ããŒã·ãã屿§ã䜿çšãã | ãã£ã¬ã¯ã㪠ãµãŒããŒããŠãŒã¶ãŒã®ã°ã«ãŒã ã¡ã³ããŒã·ããããµããŒãããŠããå Žåã«ããã®ããã¯ã¹ãéžæããŸã (æ¢å®ã§ã¯ãããã "
|
ãã®å 容ã¯ã圹ã«ç«ã¡ãŸããã?
ã¯ã ãã®èšäºã«ã€ããŠã®ãã£ãŒãããã¯ãéä¿¡ãã