BOB and LDAP. Version: 0.2. Date: October 26, 2003

Similar documents
GSA Protocols: How and Why they are Important and Relevant to

IPV6 Deployment Experiences or what s it really like hearing IPv6 IPv6 IPv6 every day

Lecture 05 I/O statements Printf, Scanf Simple statements, Compound statements

Section 4 SOLUTION: AVL Trees & B-Trees

Configuring User VPN For Azure

AWS Remote Access VPC Bundle

zapnote Analyst: Jason Bloomberg

The Open Group. DMTF Global Management Conference June 18, Allen Brown President & CEO

ThousandEyes for. Application Delivery White Paper

Alliance Key Manager A Solution Brief for Partners & Integrators

TM-800/1000 and TS-700/900 Administrator Manual

Bruce Silver Associates Independent Expertise in BPM

Introduction to the DANE Protocol

Alliance Key Manager A Solution Brief for Technical Implementers

Root KSK Roll Update Webinar

Part I: Programming Access Applications. Chapter 1: Overview of Programming for Access. Chapter 2: Extending Applications Using the Windows API

Endian Proxy / Firewall

Enabling Branch Office Consolidation

Thinner. Greener. Better Computing.

The LDAP Protocol. Agenda. Background and Motivation Understanding LDAP

Copyright 2009 Juniper Networks, Inc.

The LDAP Protocol. Amrish Kaushik. Graduate Student USC Computer Science (CN)

Area rectangles & parallelograms

Evaluation Guide for ASP.NET Web CMS and Experience Platforms

Authors Martin Eckert Ingmar Kliche Deutsche Telekom Laboratories.

git-pr Release dev2+ng5b0396a

Resolving Network Performance Issues with Real-time Monitoring A Series of Case Studies

What is version control? (discuss) Who has used version control? Favorite VCS? Uses of version control (read)

DIRECTORY INTEGRATION: USING ACTIVE DIRECTORY FOR AUTHENTICATION. Gabriella Davis The Turtle Partnership

Speech 2 Part 2 Transcript: The role of DB2 in Web 2.0 and in the IOD World

SIP and VoIP What is SIP? What s a Control Channel? History of Signaling Channels

Stingray Traffic Manager 9.0

Digital Workflow 10 Tech Rules to Guide You

CTI-TC Weekly Working Sessions

SaaS Providers. ThousandEyes for. Summary

CRISP: Common Registry Information Service Protocol. Leslie Daigle ARIN XI Apr. 2003

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

Pointers and scanf() Steven R. Bagley

Xton Access Manager GETTING STARTED GUIDE

CUSTOMER SUCCESS STORY GRIMME GRIMME IMPROVES WORKFLOWS AND REDUCES COSTS BY MORE THAN 40% WITH NVIDIA VIRTUAL GPU

Blackfin Online Learning & Development

Tim moves to accept, Chris Z seconds. No objections or comments.

Real Life Web Development. Joseph Paul Cohen

Power over Ethernet. The Industrial Opportunity Today

Hello everyone. My name is Kundan Singh and today I will describe a project we did at Avaya Labs.

BusinessObjects Enterprise XI

APPLICATION NOTE. Microsoft Unified Communications Network Architectures. Introduction

RadBlue s S2S Quick Start Package (RQS) Developer s Guide. Version 0.1

Actual Agility with SDN: Weaving SDN into Data Center Automation May 6, John Burke Principal Research Analyst & CIO

Artificial Intelligence Prof. Deepak Khemani Department of Computer Science and Engineering Indian Institute of Technology, Madras

802.11ac FREQUENTLY ASKED QUESTIONS. May 2012

P2PSIP Draft Charter. Dean Willis March 2006

Software Design and Analysis for Engineers

Unit 1 Algebraic Functions and Graphs

BL -700 C ali brati on G ui de

Open SSO Management. Joint Session Desktop + Security + Distributed System Management

LDAP Directory Services

The Future of the Internet : IPv6 integration in African networks

The Business Case for Software-Defined Networking

File submissions to VINN and KRITA

Metadata Architectures

Oracle Privileged Account Manager

Beyond the IPv4 Internet. Geoff Huston Chief Scientist, APNIC

Understanding an App s Architecture

Secure Web Appliance. Basic Usage Guide

TRUSTED SUPPLY CHAIN & REMOTE PROVISIONING WITH THE TRUSTED PLATFORM MODULE

Lesson 13 Transcript: User-Defined Functions

FDO Data Access Technology at a Glance

Architectural Documentation 1

European Emergency Response Services

Integrating Hitachi ID Suite with WebSSO Systems

10 Things to Know about G2S

The modularity requirement

Application Servers G Session 5 - Sub-Topic 1 Java Naming and Directory Interface (JNDI) Dr. Jean-Claude Franchitti

InRule Technology Evaluation Guide

EXAMINING THE CODE. 1. Examining the Design and Code 2. Formal Review: 3. Coding Standards and Guidelines: 4. Generic Code Review Checklist:

Operating-System Structures

OpenADN: Service Chaining of Globally Distributed VNFs

Composable Infrastructure for Public Cloud Service Providers

9 Reasons To Use a Binary Repository for Front-End Development with Bower

secure, integrated call recording for single or multi-sites organisations

Parallels Virtuozzo Containers 4.6 for Windows

Russ Ristine Radical Blue Gaming

Building Java Persistence API Applications with Dali 1.0 Shaun Smith

b. Developing multiple versions of a software project in parallel

WHITEPAPER Rewrite Services. Power365 Integration Pro

Root KSK Roll Delay Update

Agenda. Naming & Directory Services. Extreme Java G Naming and directory services JNDI naming directory service provider interface Q & A

Linked lists. Prof. Noah Snavely CS1114

BCT9552 VMware Infrastructure 3 Capabilities for Improving Disaster Recovery. Jay Judkowitz Sr. Product Manager, VMware

Flash Decisions: Which Solution is Right for You?

Let s Encrypt and DANE

Dolby Conference Phone 3.1 configuration guide for West

ICANN and Technical Work: Really? Yes! Steve Crocker DNS Symposium, Madrid, 13 May 2017

How to Render SSL Useless. Render SSL Useless. By Ivan Ristic 1 / 27

Drawing in 3D (viewing, projection, and the rest of the pipeline)

lessons learned from living with LDAP

Data Structures and Algorithms Dr. Naveen Garg Department of Computer Science and Engineering Indian Institute of Technology, Delhi.

Inventions on using LDAP for different purposes- Part-3

Module 4: Index Structures Lecture 13: Index structure. The Lecture Contains: Index structure. Binary search tree (BST) B-tree. B+-tree.

Transcription:

BOB and LDAP Version: 0.2 Date: October 26, 2003 39355 California Street, Suite 307 Fremont, CA 94538 Tel: 510.744.4007 Fax: 510.608.5917 www.gamingstandards.com DRAFT

39355 California Street, Suite 307 Fremont, CA 94538 Tel: 510.744.4007 Fax: 510.608.5917 www.gamingstandards.com Table of Contents 1 Introduction... 3 2 Justification... 3 3 Schema... 4 3.1 Schema Object: GSAEGM... 4 3.2 Schema Object: GSAHostSystem... 5 3.3 Schema Object: GSAEGMReference... 5 4 LDAP Tree... 5 5 Searching during Bootstrap... 7 10/26/2003 DRAFT Page 2 of 7

39355 California Street, Suite 307 Fremont, CA 94538 Tel: 510.744.4007 Fax: 510.608.5917 www.gamingstandards.com 1 Introduction This paper covers how LDAP fits into the BOB standard. LDAP will be used to provide the following functionality: 1. Centralized Configuration Management 2. SSL Session Management This paper will define the LDAP schema to support this functionality and then will describe how LDAP will be used to deliver on this functionality. 2 Justification The BOB standard consists of two major components: 1. Flow of run time information between EGMs and Host Systems. 2. The boot process for EGMs. LDAP addresses the second component. The goal of including LDAP in the BOB standard is borne out of the following requirements: 1. In order to foster innovation the issue of configuration information, in particular the configuration information for EGMs, must be addressed. 2. Therefore the BOB standard must address the issue of configuration information storage. 3. The BOB standard must also address the issue of access (both read and write) of configuration information. 4. The BOB standard must propose a solution that is vendor neutral in regards to configuration information. 5. And the solution must be: a. Highly scaleable b. Platform neutral c. Inherently secure d. Redundant e. Easy for operators to implement and operate Therefore the BOB committee must select a technology that meets these requirements. There are two courses here: 1. Invent something new that meets all of these requirements. 2. Use an existing, open technology that meets these requirements. 10/26/2003 DRAFT Page 3 of 7

39355 California Street, Suite 307 Fremont, CA 94538 Tel: 510.744.4007 Fax: 510.608.5917 www.gamingstandards.com It is our recommendation that the BOB committee select LDAP. The benefits of going with LDAP are: 1. Open standard for storage 2. Open standard for data access (the LDAP API) 3. Security control 4. Scaleable 5. Redundancy built in The draw backs of LDAP are: 1. New API for the vendors to learn and implement. 2. New server for the operator to deploy and operate. 3. New server for the vendors to learn. 4. Some change to the economic proposition for the first vendor to sell the LDAP server to the operator. 3 Schema An LDAP Schema defines what logical objects exist in the LDAP server. Schemas from multiple vendors can (usually) exist in the same tree. At this point in time BOB committee has not been able to nail down the LDAP Schema. But we ll start with what we do know. Right now we know we need three schema objects: 1. GSAEGM 2. GSAHostSystem 3. GSABackOffSystem We will now talk about these objects. 3.1 Schema Object: GSAEGM This LDAP entry defines an EGM. Attribute Name Type Description gmid EGM ID String A unique identifier. 10/26/2003 DRAFT Page 4 of 7

39355 California Street, Suite 307 Fremont, CA 94538 Tel: 510.744.4007 Fax: 510.608.5917 www.gamingstandards.com 3.2 Schema Object: GSAHostSystem This LDAP entry defines a Host System. There is nothing yet in the BOB standard specifically addressing Host Systems. But future versions will. This object is a place holder for that work. For right now we won t define any attributes. Attribute Name Type Description 3.3 Schema Object: GSAEGMReference This LDAP entry defines a reference to an EGM entry. That is, an object of this type points to a GSAEGM somewhere else in the LDAP tree. Attribute Name Type Description Gmid EGM ID String A unique identifier Ref Reference DN DN Pointer to where the EGM exists in the LDAP tree. 4 LDAP Tree The organization of the tree is completely deployment dependent. The standard must address this fact. The solution is for the BOB standard to define a Reference Model. A Reference Model is an architecture for an LDAP server in which the client does a double query. The first query is to a known location in the tree. The response contains a pointer to the real data. Using this response the client issues a second query which gets the real information. This is also sometimes known as a Referral Model. Referral Models use the Referral feature of the LDAPv2 standard. However, Referrals are not well implemented across all LDAP Servers and all LDAP API implementations. So at this point it makes sense to have the client do a manual double query operation. 10/26/2003 DRAFT Page 5 of 7

39355 California Street, Suite 307 Fremont, CA 94538 Tel: 510.744.4007 Fax: 510.608.5917 www.gamingstandards.com Having said that, we can diagram a possible LDAP Server implementation. In this example we have two roots: o=casinoroot and o=gsaroot. o=casinoroot o o=egms cn=egm 1 gmid=gsa.com@123456 cn=egm 2 object: GSAEGM gmid=gsa.com@876543 cn=egm 3 o o=host Systems o=gsaroot object: GSAEGM gmid=gsa.com@999999 Host System 1 object: GSAEGM Host System 2 object: GSAHostSystem Host System 3 o EGM Group Entry 1 object: GSAHostSystem object: GSAHostSystem gmid=gsa.com@123456 ref=cn=egm 1, o=egms, o=casinoroot object: GSAEGMRef 10/26/2003 DRAFT Page 6 of 7

39355 California Street, Suite 307 Fremont, CA 94538 Tel: 510.744.4007 Fax: 510.608.5917 www.gamingstandards.com Entry 2 gmid=gsa.com@876543 ref=cn=egm 2, o=egms, o=casinoroot object: GSAEGMRef Entry 3 gmid=gsa.com@999999 ref=cn=egm 3, o=egms, o=casinoroot object: GSAEGMRef 5 Searching during Bootstrap The principal operation performed by the LDAP Server, at least from the perspective of the EGM, is to locate the EGM entry in the LDAP Server. That is, when an EGM boots up it must find its entry in the LDAP Server. When you search the LDAP tree for an EGM entry you need two pieces of information: LDAP Search Root LDAP Search Statement The BOB standard should dictate that every casino LDAP Server have a branch that starts with o=gsaroot. That is, for the casino deployment to be BOB Compliant the local LDAP Server must have an LDAP root that starts with o=gsaroot. Once you have the tree standard established, you will do something like this: (gmid=gsa.com@837853535) The response is then an LDAP entry which contains the attribute ref which points to where the actual EGM record resides. So the EGM will fetch a GSAEGMRef object and then use the dn attribute in there to find the actual GSAEGM entry. Justification: many people will ask why we do it this way. It is for a couple of reasons: 1. It is impossible for the GSA to impose a shape on the LDAP server of the casino operator. Maybe not today but in the future the casino operator will use LDAP to keep all of their configuration information, including player information. All vendors that store information in the local LDAP server have to coexist. The GSA must do so as well. 2. The flexibility imposed by this scheme relieves the operator from having a brittle LDAP server. A reference Model is much more flexible. The target data can be moved anywhere in the tree and the EGM bootstrap sequence does not change. 10/26/2003 DRAFT Page 7 of 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback