| 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 <2025> | Index | 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 <2025> |
| <== Date ==> | <== Thread ==> |
|---|
| Subject: | How is LDAP used in EPICS installations |
| From: | George McIntyre via Core-talk <core-talk at aps.anl.gov> |
| To: | core-talk at aps.anl.gov |
| Cc: | Michael Davidsaver <mdavidsaver at ospreydcs.com>, Greg White <greg at slac.stanford.edu> |
| Date: | Sat, 15 Mar 2025 08:02:19 +0100 |
Hi all I’m working on the new Secure PVAccess implementation of PVXS, with Micheal and Kay. We are at a stage where we are testing various authentication methods with the new protocol. One of those we’re looking at is LDAP. We want to reach out to the community to determine how you see people actually using LDAP. Are they using it for login (i.e. providing username and password (that is configured and managed by LDAP) to the LDAP API) and then using success to provide access to resources; are they using Kerberos for user authentication and LDAP primarily for user profile information and groups (e.g. phone, office, group); finally some hybrid PAM, SSSD etc. We want to get an idea of what we should provide as integration. One of the questions is how we should use and access LDAP groups when it comes to the upgraded EPICS Security. Please feel free to reply if you have any experience with how LDAP is used to log in and or to provide group information to be used with or aside from authorization. Cheers George McIntyre, CEO  Lydney, UK
george at level-N.com www.level-n.com This email and any files transmitted with it are confidential and privileged information, intended solely for the use of the individual or entity to whom they are addressed. Any unauthorised review, use, disclosure or distribution is prohibited |