Bitbucket Server ãæ¢åã® LDAP ãã£ã¬ã¯ããªã«æ¥ç¶ãã
You can connect Bitbucket Data Center and Server to an existing LDAP user directory, so that your existing users and groups in an enterprise directory can be used in Bitbucket. The LDAP directory is used for both user authentication and account management.
Bitbucket is able to connect to the following LDAP directory servers:
- Microsoft Active Directory
- Apache Directory Server (ApacheDS) 1.0.x ããã³ 1.5.x
- Apple Open Directory (èªã¿åãå°çš)
- Fedora Directory Server (èªã¿åãå°çš Posix Schema)
- Novell eDirectory ãµãŒã
- OpenDS
- OpenLDAP
- Open LDAP (èªã¿åãå°çš Posix Schema)
- Generic Posix/RFC2307 ãã£ã¬ã¯ã㪠(èªã¿åãå°çš)
- Sun Directory Server Enterprise Edition (DSEE)
- ä»»æã®æ±çš LDAP ãã£ã¬ã¯ã㪠ãµãŒããŒ
On this page
é¢é£ããŒãž
Connecting Atlassian Bitbucket to your external directory is not sufficient to allow your users to log in. You must explicitly grant them access to Bitbucket in the global permission screen.
æš©éãä»äžããéã¯ãåã ã®ã¢ã«ãŠã³ãã§ã¯ãªãã°ã«ãŒãã䜿çšããããšãããããããŸãã
ã©ã€ã»ã³ã¹ã®èæ ®äºé
When connecting Bitbucket to an external directory, be careful not to allow access by more users than your Bitbucket license allows. If the license limit is exceeded, your developers will not be able to push commits to repositories, and Bitbucket will display a warning banner. See this FAQ.
Synchronization when Bitbucket is first connected to the LDAP directory
When you first connect Bitbucket to an existing LDAP directory, the Bitbucket internal directory is synchronized with the LDAP directory. User information, including groups and group memberships, is copied across to the Bitbucket directory.
ã¢ãã©ã·ã¢ã³ã§ã¯ã瀟å ã®ããŒã«ã« ãããã¯ãŒã¯ã§ã10,000 ãŠãŒã¶ãŒã1000 ã°ã«ãŒãã200,000 ã¡ã³ããŒã·ããã§æ§æããã Active Directory ãµãŒããŒãšã®åæã®å éšãã¹ãã宿œããŸããããã®çµæãååã®åæã¯çŽ 5 åãããããšã確èªããŸãããåŸã«AD ãµãŒããŒäžã§ 100 åã®å€æŽãè¡ã£ãå Žåã®åæã¯ãæ°ç§ã§å®äºããŸããã以éã®ãªãã·ã§ã³ãåç §ããŠãã ããã
Note that when Bitbucket is connected to an LDAP directory, you cannot update user details in Bitbucket. Updates must be done directly on the LDAP directory, perhaps using a LDAP browser tool such as Apache Directory Studio.
ãªãã·ã§ã³ - LDAP ãã£ã«ã¿ãŒã䜿çšããŠåæããããŠãŒã¶ãŒãã°ã«ãŒãã®æ°ãå¶éãã
You can use LDAP filters to restrict the users and groups that are synchronized with the Bitbucket internal directory. You may wish to do this in order to limit the users or groups that can access Bitbucket, or if you are concerned that synchronization performance may be poor.Â
ããšãã°ã"bitbucket_user" ãŸã㯠"red_team", ãšããååã®ã°ã«ãŒãã®ã¿ã«åæãå¶éããã«ã¯ãGroup Object Filter ãã£ãŒã«ãã«ä»¥äžãå ¥åããŸã (以éã®ãã°ã«ãŒã ã¹ããŒãã®èšå®ããåç §)ã
(&(objectClass=group)(|(cn=bitbucket_user)(cn=red_team)))
ãã£ã«ã¿ãŒã®è©³çްãäŸã«ã€ããŠã¯ããLDAP æ€çŽ¢ãã£ã«ã¿ãŒã®äœææ¹æ³ããåç §ããŠãã ããããããã®äŸãåçŽã«ã³ããŒããã®ã§ã¯ãªããèªèº«ã®ãã£ã¬ã¯ã㪠ããªãŒã«ããããŸããŸãªã³ã³ããã屿§ãããã³ãªããžã§ã¯ã ã¯ã©ã¹ã®ååãç¥ã£ãŠããå¿ èŠããããŸããApache Directory Studio ãªã©ã®ããŒã«ã䜿çšããŠãã®ãããªã³ã³ããåãèŠã€ããããšãã§ããŸãã
ãŠãŒã¶ãŒããã°ã€ã³ã詊ã¿ããšãã®èªèšŒ
When a user attempts to log in to Bitbucket, once synchronization has completed, Bitbucket confirms that the user exists in it's internal directory and then passes the user's password to the LDAP directory for confirmation. If the password matches that stored for the user, LDAP passes a confirmation back to Bitbucket, and Bitbucket logs in the user. During the user's session, all authorizations (i.e. access to Bitbucket resources such as repositories, pull requests and administration screens) are handled by Bitbucket, based on permissions maintained byBitbucket in its internal directory.
Connecting Bitbucket
To connect Bitbucket to an LDAP directory:
- "管ç" æš©éãæã€ãŠãŒã¶ãŒãšããŠãã°ã€ã³ããŸãã
- In the Bitbucket administration area, click User Directories (under 'Accounts').
- [ãã£ã¬ã¯ããªã®è¿œå ] ãã¯ãªãã¯ãããã£ã¬ã¯ã㪠ã¿ã€ããšã㊠[Microsoft Active Directory] ãŸã㯠[LDAP] ãéžæããŸãã
- 以äžã®è¡šã§èª¬æãããŠããããã«ãã£ã¬ã¯ããªèšå®ãæ§æããŸãã
- ãã£ã¬ã¯ããªèšå®ãä¿åããŸãã
- "ãŠãŒã¶ãŒ ãã£ã¬ã¯ããª" ç»é¢ã§åãã£ã¬ã¯ããªã®æšªã«ããéè²ã®ç¢å°ãã¯ãªãã¯ããŠããã£ã¬ã¯ããªã®é åºãå®çŸ©ããŸãããã£ã¬ã¯ããªé ã¯æ¬¡ã®ããã«åœ±é¿ããŸãã
- ãã£ã¬ã¯ããªã®é åºã¯ããŠãŒã¶ãŒããã³ã°ã«ãŒãã®æ€çŽ¢é åºã§ãã
- ãŠãŒã¶ãŒããã³ã°ã«ãŒããžã®å€æŽã¯ãã¢ããªã±ãŒã·ã§ã³ã倿޿š©éãæã€æåã®ãã£ã¬ã¯ããªã«å¯ŸããŠã®ã¿è¡ãããŸãã
ãµãŒããŒèšå®
èšå® | 説æ |
---|---|
åå | LDAP ãã£ã¬ã¯ã㪠ãµãŒããŒãèå¥ããã®ã«åœ¹ç«ã€ããããããååãå ¥åããŸããäŸïŒ
|
ãã£ã¬ã¯ã㪠ã¿ã€ã | æ¥ç¶ãã LDAP ãã£ã¬ã¯ããªã®ã¿ã€ããéžæããŸããæ°ãã LDAP æ¥ç¶ã远å ããå Žåãããã§éžæããå€ã«ãã£ãŠãç»é¢ã®æ®ãã®ãªãã·ã§ã³ã®å€ãã®ããã©ã«ãå€ã決å®ããŸããäŸïŒ
|
ãã¹ãå | ãã£ã¬ã¯ã㪠ãµãŒãã®ãã¹ãåãäŸïŒ
|
ããŒã | ãã£ã¬ã¯ã㪠ãµãŒããŒããªã¹ã³ããããŒããäŸïŒ
|
SSL ã䜿çšãã | ãã£ã¬ã¯ã㪠ãµãŒããŒãžã®æ¥ç¶ã SSL (Secure Sockets Layer) æ¥ç¶ã®å Žåã¯ããªã³ã«ããŸãããã®èšå®ã䜿çšããã«ã¯ãSSL èšŒææžãèšå®ããå¿ èŠããããŸãã |
ãŠãŒã¶å | ãã£ã¬ã¯ã㪠ãµãŒããŒã«æ¥ç¶ããéã«ã¢ããªã±ãŒã·ã§ã³ã䜿çšãããŠãŒã¶ãŒã®èå¥åãäŸïŒ
ããã©ã«ãã§ã¯ããã¹ãŠã®ãŠãŒã¶ãŒã uSNChanged 屿§ãèªã¿åãããšãã§ããŸãããã ãã管çè ãŸãã¯é¢é£ããæš©éãæã€ãŠãŒã¶ãŒã®ã¿ãå逿žã¿ãªããžã§ã¯ã ã³ã³ããã«ã¢ã¯ã»ã¹ããããšãã§ããŸãããŠãŒã¶ãŒã LDAP ã«æ¥ç¶ããã®ã«å¿ èŠãªç¹å®ã®æš©éã¯ãããã€ã³ããããã³ãèªã¿åããïŒãŠãŒã¶ãŒæ å ±ãã°ã«ãŒãæ å ±ãã°ã«ãŒã ã¡ã³ããŒã·ãããæŽæ°ã·ãŒã±ã³ã¹çªå·ãå逿žã¿ãªããžã§ã¯ãïŒã§ãããããã¯ãActive Directory ã®çµã¿èŸŒã¿ã®ç®¡çè ã°ã«ãŒãã®ã¡ã³ããŒã§ãããŠãŒã¶ãŒãååŸããããšãã§ããŸãã ãããã®æš©éãæããªããŠãŒã¶ãŒã Active Directory ã«ã¢ã¯ã»ã¹ãããšãã€ã³ã¯ãªã¡ã³ã¿ã«åæã¯ãµã€ã¬ã³ãã«å€±æããããšã«æ³šæããŠãã ããããã㯠CWD-3093 ãšããŠå ±åãããŠããŸãã |
ãã¹ã¯ãŒã | äžèšã§æå®ãããŠãŒã¶ãŒã®ãã¹ã¯ãŒãã æ³šïŒ LDAP ãµãŒããŒãžã®æ¥ç¶ã§ã¯ããã®ã¢ããªã±ãŒã·ã§ã³ãããã§èšå®ããããŠãŒã¶ãŒåãšãã¹ã¯ãŒãã§ãµãŒããŒã«ãã°ã€ã³ããå¿ èŠããããŸããçµæãšããŠããã®ãã¹ã¯ãŒãã¯äžæ¹åã«ããã·ã¥åããããšãã§ããŸããããã®ã¢ããªã±ãŒã·ã§ã³ã®ã³ã³ããã¹ãã§å埩å¯èœã§ããå¿ èŠããããŸãããã¹ã¯ãŒãã¯çŸåšãé£èªåãããŠããªããã¬ãŒã³ ããã¹ãã§ããŒã¿ããŒã¹ã«ä¿åãããŠããŸããã»ãã¥ãªãã£ãä¿èšŒããã«ã¯ãä»ã®ããã»ã¹ããã®ã¢ããªã±ãŒã·ã§ã³ã®ããŒã¿ããŒã¹ãŸãã¯èšå®ãã¡ã€ã«ã«å¯Ÿãã OS ã¬ãã«ã®èªã¿åãæš©éãæã£ãŠããªãããšã確èªããå¿ èŠããããŸãã |
LDAP ã¹ããŒã
èšå® | 説æ |
---|---|
ããŒã¹ DN | ãã£ã¬ã¯ã㪠ãµãŒããŒã«å¯ŸããŠã¯ãšãªãå®è¡ããå Žåã«äœ¿çšããã«ãŒãèå¥åïŒDNïŒãäŸïŒ
|
远å ã®ãŠãŒã¶ãŒ DN | ãã®å€ã¯ããŠãŒã¶ãŒã®æ€çŽ¢ããã³èªã¿èŸŒã¿æã«ãããŒã¹ DN ã«å ããŠäœ¿çšãããŸããå€ãæäŸãããªãå ŽåããµãããªãŒæ€çŽ¢ã¯ããŒã¹ DN ããéå§ãããŸããäŸïŒ
|
远å ã®ã°ã«ãŒã DN | ãã®å€ã¯ãã°ã«ãŒãã®æ€çŽ¢ããã³èªã¿èŸŒã¿æã«ãããŒã¹ DN ã«å ããŠäœ¿çšãããŸããå€ãæäŸãããªãå ŽåããµãããªãŒæ€çŽ¢ã¯ããŒã¹ DN ããéå§ãããŸããäŸïŒ
|
远å ã®ãŠãŒã¶ãŒ DN ãŸãã¯è¿œå ã®ã°ã«ãŒã DN ã«å€ãæå®ãããŠããªãå ŽåããµãããªãŒæ€çŽ¢ãããŒã¹ DN ããå§ãŸããŸãããã£ã¬ã¯ããªæ§é ã巚倧ãªå Žåããã°ã€ã³ããã³å®æœããããã°ã€ã³ã«äŸåããæäœã«ã€ããŠãããã©ãŒãã³ã¹ã®åé¡ãçããå¯èœæ§ããããŸãã
LDAP æš©é
èšå® | 説æ |
---|---|
èªã¿åãå°çš | LDAP ãŠãŒã¶ãŒãã°ã«ãŒããã¡ã³ããŒã·ããã¯ããã£ã¬ã¯ã㪠ãµãŒããŒããååŸããããã£ã¬ã¯ã㪠ãµãŒããŒãä»ããŠã®ã¿å€æŽããããšãã§ããŸããã¢ããªã±ãŒã·ã§ã³ç®¡çç»é¢ãã LDAP ãŠãŒã¶ãŒãã°ã«ãŒãããŸãã¯ã¡ã³ããŒã·ããã倿Žããããšã¯ã§ããŸããã |
ããŒã«ã« ã°ã«ãŒãã§ã®èªã¿åãå°çš | LDAP ãŠãŒã¶ãŒãã°ã«ãŒããã¡ã³ããŒã·ããã¯ããã£ã¬ã¯ã㪠ãµãŒããŒããååŸããããã£ã¬ã¯ã㪠ãµãŒããŒãä»ããŠã®ã¿å€æŽããããšãã§ããŸããã¢ããªã±ãŒã·ã§ã³ç®¡çç»é¢ãã LDAP ãŠãŒã¶ãŒãã°ã«ãŒãããŸãã¯ã¡ã³ããŒã·ããã倿Žããããšã¯ã§ããŸããããã ããå éšãã£ã¬ã¯ããªã«ã°ã«ãŒãã远å ãããããã®ã°ã«ãŒãã« LDAP ãŠãŒã¶ãŒã远å ããããšãã§ããŸãã |
é«åºŠãªèšå®
The Manage User Status Locally option, described below, will not work within Bitbucket. Do not enable this option.
èšå® | 説æ |
---|---|
Enable Nested Groups | å ¥ãåã°ã«ãŒãã®ãµããŒããæå¹ãŸãã¯ç¡å¹ã«ããŸãã ããã€ãã®ãã£ã¬ã¯ããªãµãŒããŒã¯ãã°ã«ãŒããå¥ã®ã°ã«ãŒãã®ã¡ã³ããŒãšããŠå®çŸ©ããããšãèš±å¯ããŸãããã®ãããªæ§é ã®ã°ã«ãŒãã¯å
¥ãåã°ã«ãŒããšåŒã°ããŸããå
¥ãåã°ã«ãŒãã¯ã1 ã€ã®èŠªã°ã«ãŒããããã®ãµãã°ã«ãŒããžã®æš©éã®ç¶æ¿ãèš±å¯ããæš©éãã·ã³ãã«ã«ããŸãã
|
ãŠãŒã¶ãŒ ã¹ããŒã¿ã¹ãããŒã«ã«ã§ç®¡çãã | true ã®å Žåããã£ã¬ã¯ã㪠ãµãŒããŒå ã®ã¹ããŒã¿ã¹ã«é¢ä¿ãªããCrowd ã§ãŠãŒã¶ãŒãã¢ã¯ãã£ãå/éã¢ã¯ãã£ãåã§ããŸãã |
æéåãã®ãŠãŒã¶ãŒãé€å€ãã | true ã®å ŽåãActiveDirectory ã§æéåããšããŠããŒã¯ããããŠãŒã¶ãŒ ã¢ã«ãŠã³ããèªåçã«åé€ãããŸãããã£ãã·ã¥ããããã£ã¬ã¯ããªã®å ŽåããŠãŒã¶ãŒã®åé€ã¯ãã¢ã«ãŠã³ãã®æå¹æéæ¥åŸã®æåã®åæäžã«è¡ãããŸãã æ³šïŒ ããã¯çµã¿èŸŒã¿ Crowd 2.0.0 以äžã§å©çšå¯èœã§ããã2.0.0 m04 ãªãªãŒã¹ã§ã¯å©çšã§ããŸããã |
ããŒãžã³ã°ãããçµæãäœ¿çš | æ€çŽ¢çµæãã·ã³ãã«ã«ããŒãžã³ã°ãã LDAP å¶åŸ¡æ¡åŒµæ©èœã®äœ¿çšãæå¹ãŸãã¯ç¡å¹ã«ããŸããããŒãžã³ã°ãæå¹ã«ãªã£ãŠããå Žåãæ€çŽ¢ã«ãã£ãŠäžåºŠã«ãã¹ãŠã®æ€çŽ¢çµæãååŸãããã®ã§ã¯ãªããããŒã¿ã®ã»ãããååŸãããŸããå¿ èŠãªããŒãžãµã€ãºãã€ãŸããããŒãžã³ã°ãããçµæãæå¹ã§ããå ŽåãããŒãžããšã«è¿ãããæ€çŽ¢çµæã®æå€§æ°ãå ¥åããŸããæ¢å®ã¯ 1000 ã§ãã |
ç §äŒã«åŸã | ãã£ã¬ã¯ã㪠ãµãŒããŒããªã¯ãšã¹ããå¥ã®ãµãŒããŒã«ãªãã€ã¬ã¯ãããããšãèš±å¯ãããã©ãããéžæããŸãããã®ãªãã·ã§ã³ã¯ãããŒãç
§äŒ (JNDI ã«ãã¯ã¢ãã |
ãã€ãã£ã DN ãããã³ã° | ãã£ã¬ã¯ã㪠ãµãŒããŒãè¿ã DN ã®æåå衚çŸãäžè²«ããŠããå Žåããã€ãã£ã DN ãããã³ã°ãæå¹åã§ããŸãããã€ãã£ã DN ãããã³ã°ã¯ããã©ãŒãã³ã¹ã倧å¹
ã«æ¹åãããŸãããã®ãããå¯èœãªå Žåã¯æå¹åããããšããå§ãããŸãã
|
Enable Incremental Synchronization | ãã£ã¬ã¯ããªã®åææã«ãååã®åæãç §äŒãããŠããã®å€æŽã®ã¿ãå¿ èŠãªå Žåãã€ã³ã¯ãªã¡ã³ã¿ã«åæãæå¹åããŸãã
ãããã®æ¡ä»¶ã®å°ãªããšã1ã€ãæºããããªãå ŽåãActive Directory ã«è¿œå ãããïŒãŸãã¯åé€ãããïŒãŠãŒã¶ãŒã¯ãã¢ããªã±ãŒã·ã§ã³å ã§ãããã远å ïŒãŸãã¯åé€ïŒãããã«çµãããŸãã ãã®èšå®ã¯ããã£ã¬ã¯ããªã®ã¿ã€ãããMicrosoft Active Directoryãã«èšå®ãããŠããå Žåã«å©çšã§ããŸãã |
ã°ã«ãŒã ã¡ã³ããŒã·ããããã°ã€ã³æã«æŽæ°ãã    | ãã®èšå®ã«ãã£ãŠãã°ã«ãŒã ã¡ã³ããŒã·ãããèªèšŒäžã«æŽæ°ã§ããããã«ãªããŸããæ¬¡ã®ãããªãªãã·ã§ã³ãèšå®ã§ããŸãã
|
Synchronization Interval (minutes) | åæãšã¯ãã¢ããªã±ãŒã·ã§ã³ããŠãŒã¶ãŒ ããŒã¿ã®å éšã¹ãã¢ããã£ã¬ã¯ã㪠ãµãŒãäžã®ããŒã¿ã§æŽæ°ããããã»ã¹ã§ããã¢ããªã±ãŒã·ã§ã³ã¯ x åããšã«ãã£ã¬ã¯ã㪠ãµãŒããŒã«ãªã¯ãšã¹ããéä¿¡ããŸããx ã¯ããã§æå®ããæ°å€ã§ããæ¢å®å€ã¯60åã§ãã |
èªã¿èŸŒã¿ã¿ã€ã ã¢ãŠãïŒç§ïŒ | ã¬ã¹ãã³ã¹ãåä¿¡ãããŸã§ã«åŸ æ©ããæéïŒç§ïŒãæå®ãããæéå ã«ã¬ã¹ãã³ã¹ããªãå Žåãèªã¿èŸŒã¿è©Šè¡ã¯äžæ¢ãããŸããå€ã0ïŒãŒãïŒã«ãããšãç¡å¶éã«ãªããŸããããã©ã«ãå€ã¯120ç§ã§ãã |
æ€çŽ¢ã¿ã€ã ã¢ãŠãïŒç§ïŒ | æ€çŽ¢æäœããã®ã¬ã¹ãã³ã¹ãåä¿¡ãããŸã§ã«åŸ æ©ããæé (ç§)ãå€ã 0 (ãŒã) ã«ãããšãç¡å¶éã«ãªããŸããæ¢å®å€ã¯ 60 ç§ã§ãã |
æ¥ç¶ã¿ã€ã ã¢ãŠãïŒç§ïŒ | ãã®èšå®ã¯2ã€ã®æäœã«åœ±é¿ããŸããããã©ã«ãå€ã¯10ã§ãã
|
ãŠãŒã¶ãŒ ã¹ããŒãèšå®
èšå® | 説æ |
---|---|
ãŠãŒã¶ãŒ ãªããžã§ã¯ã ã¯ã©ã¹ | ãã㯠LDAP ãŠãŒã¶ãŒ ãªããžã§ã¯ãã«äœ¿çšãããã¯ã©ã¹åã§ããäŸïŒ
|
ãŠãŒã¶ãŒ ãªããžã§ã¯ã ãã£ã«ã¿ | ãŠãŒã¶ãŒ ãªããžã§ã¯ããæ€çŽ¢ãããšãã«äœ¿çšãããã£ã«ã¿ãŒãäŸïŒ
ãã®ä»ã®äŸã¯ããã¬ããžããŒã¹ã§ç¢ºèªã§ããŸãããLDAP æ€çŽ¢ãã£ã«ã¿ãŒã®äœææ¹æ³ããã芧ãã ããã |
ãŠãŒã¶ãŒå屿§ | ãŠãŒã¶ãŒåãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
åèïŒ Active Directory ã§ã¯ããsAMAccountNameããããŠãŒã¶ãŒ ãã°ã€ã³åïŒWindows 2000 以åïŒããã£ãŒã«ãã§ãããŠãŒã¶ãŒ ãã°ã€ã³åãã£ãŒã«ãã¯ãcnãã§åç §ãããŸãã |
ãŠãŒã¶ãŒå RDN 屿§ | ãŠãŒã¶ãŒåãããŒããããšãã«äœ¿çšãã RDN (çžå¯Ÿèå¥å)ãå LDAP ãšã³ããªã® DN 㯠2 ã€ã®éšå (èšé²ãæ ŒçŽããã RDN ããã³ LDAP ãã£ã¬ã¯ããªå ã®å Žæ) ã§æ§æãããŸããRDN ã¯ãã£ã¬ã¯ããªããªãŒæ§é ãšé¢ä¿ãªã DN ã®äžéšã§ããäŸ:
|
ãŠãŒã¶ã®å屿§ | ãŠãŒã¶ãŒã®åãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒã®å§å±æ§ | ãŠãŒã¶ãŒã®å§ãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒã®è¡šç€ºå屿§ | ãŠãŒã¶ãŒã®æ°åãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒã®ã¡ãŒã«å±æ§ | ãŠãŒã¶ãŒã®ã¡ãŒã«ã¢ãã¬ã¹ãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒã®ãã¹ã¯ãŒã屿§ | ãŠãŒã¶ãŒã®ãã¹ã¯ãŒããèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒ ãŠããŒã¯ ID 屿§ | 屿§ã¯ããŠãŒã¶ãŒ ãªããžã§ã¯ãã«å¯Ÿããäžæãã€äžå€ã® ID ãšããŠäœ¿çšãããŸããããã¯ããªãã·ã§ã³ã§ããããŠãŒã¶ãŒåã®å€æŽã®è¿œè·¡ã«äœ¿çšãããŸãããã®å±æ§ãèšå®ãããŠããªãå Žå (ãŸãã¯ç¡å¹ãªå€ã«èšå®ãããŠããå Žå)ããŠãŒã¶ãŒåã¯æ€åºãããŸããããŠãŒã¢ãŒã®åé€åŸã®æ°ãããŠãŒã¶ãŒã®è¿œå ãšããŠè§£éãããŸãã ããã¯éåžžãUUID å€ãæããŠããå¿ èŠããããŸããæšæºæºæ LDAP ãµãŒããŒã¯ããããentryUUIDããšããŠå®è£ ããŸããããã¯RFC 4530ã«åŸããŸããäžéšã®ãµãŒããŒã§ã¯ç°ãªãååã§ç¥ãããŠããããããã®èšå®ãååšããŸãïŒMicrosoft Active Directory ã§ã¯objectGUIDïŒã |
Â
Â
ã°ã«ãŒã ã¹ããŒãèšå®
èšå® | 説æ |
---|---|
ã°ã«ãŒã ãªããžã§ã¯ã ã¯ã©ã¹ | ãã㯠LDAP ã°ã«ãŒã ãªããžã§ã¯ãã«äœ¿çšãããã¯ã©ã¹åã§ããäŸïŒ
|
ã°ã«ãŒã ãªããžã§ã¯ã ãã£ã«ã¿ãŒ | ã°ã«ãŒã ãªããžã§ã¯ããæ€çŽ¢ãããšãã«äœ¿çšãããã£ã«ã¿ãŒãäŸïŒ
|
ã°ã«ãŒãå屿§ | ã°ã«ãŒãåãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ã°ã«ãŒã説æå±æ§ | ã°ã«ãŒãåãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸ:
|
ã¡ã³ããŒã·ãã ã¹ããŒãèšå®
èšå® | 説æ |
---|---|
ã°ã«ãŒã ã¡ã³ããŒ å±æ§ | ã°ã«ãŒãã®ã¡ã³ããŒãèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒ ã¡ã³ããŒã·ãã屿§ | ãŠãŒã¶ãŒã®ã°ã«ãŒããèªã¿èŸŒããšãã«äœ¿çšãã屿§ãã£ãŒã«ããäŸïŒ
|
ãŠãŒã¶ãŒã®ã°ã«ãŒã ã¡ã³ããŒã·ãããæ€çŽ¢ããéã«ããŠãŒã¶ãŒ ã¡ã³ããŒã·ãã屿§ã䜿çšãã | ãã£ã¬ã¯ã㪠ãµãŒããŒããŠãŒã¶ãŒã®ã°ã«ãŒã ã¡ã³ããŒã·ããããµããŒãããŠããå Žåã«ããã®ããã¯ã¹ãéžæããŸã (æ¢å®ã§ã¯ãããã "
|
ã°ã«ãŒãã®ã¡ã³ããŒãæ€çŽ¢ããéã«ããŠãŒã¶ãŒ ã¡ã³ããŒã·ãã屿§ã䜿çšãã | ãã£ã¬ã¯ã㪠ãµãŒããŒããŠãŒã¶ãŒã®ã°ã«ãŒã ã¡ã³ããŒã·ããããµããŒãããŠããå Žåã«ããã®ããã¯ã¹ãéžæããŸã (æ¢å®ã§ã¯ãããã "
|
ãã®å 容ã¯ã圹ã«ç«ã¡ãŸããã?
ã¯ã ãã®èšäºã«ã€ããŠã®ãã£ãŒãããã¯ãéä¿¡ãã