Changes

Jump to: navigation, search
/* Load Balancer as a Service (LBaaS) - Account example */
description: The sub tree for the accounts of the Load Balancer as a Service (LBaaS).
</source>
 
The following table describes the different attributes:
{| border="1" style="border-collapse: collapse; font-size:80%;" width="100%" class="wikitable sortable"
! style="text-align:left; width: 180px" | Attribute
! style="text-align:left; width: 220px" | Objectclass
! style="width: 80px" | Existance
! style="width: 80px" | Mandatory
! style="text-align:left;" | Description
 
|-
| ou
| organizationalUnit
| <center>MUST</center>
| <center>x</center>
| The name of the leaf.
 
In this case: <code>accounts</code>.
 
|-
| description
| organizationalUnit
| <center>MAY</center>
| <center>x</center>
| The description of the leaf.
 
In this case: <code>The sub tree for the accounts of the Load Balancer as a Service (LBaaS).</code>
 
|}
 
Legend:
* '''x''': Mandatory in all cases.
 
=== Load Balancer as a Service (LBaaS) - Account example ===
The following example shows the OpenLDAP directory entry for the stoney wiki Load Balancer as a Service (LBaaS) account with the uid number 3730083: 
<source lang="ldif">
dn: uid=3730083,ou=accounts,ou=lbaas,ou=services,dc=stoney-cloud,dc=org
objectclass: posixAccount
objectclass: shadowAccount
objectclass: sstWikisstLBaaS
objectclass: sstProvisioning
objectclass: sstRelationship
uidNumber: 3730083
gidNumber: 3730083
cn: 3730083.stoney-wiki.comgecos: 3730083Example Ltd.stoney-wiki(www.example.com) # This appears in the 'getent passwd' output. Company name and the main fully qualified domain name (FQDN).homeDirectory: /var/wiki/3/083/730home/3730083
loginShell: /bin/false
shadowFlag: 134539460
shadowWarning: 7
sstIsActive: TRUE
sstNotificationWarningOnsstLBaaSFrontendURI: TRUEsstNotificationWarninghttps: quota//www.example.com/ # Uniform Resource Identifier with optional label.sstNotificationWarningMediumsstLBaaSFrontendURI: mailhttps://example.com/ # Uniform Resource Identifier with optional label.sstInformPersonUIDsstLBaaSFrontendURI: 1000482https://api.example.com/ # Uniform Resource Identifier with optional label.sstQuotasstLBaaSBackendURI: 42949672960https://sst-int-001.os.stoney-cloud.com/ # Uniform Resource Identifier with optional label.sstSoftwareVersionsstLBaaSBackendURI: 1https://sst-int-002.31os.stoney-cloud.com/ # Uniform Resource Identifier with optional label.5sstFileUploadSizesstLBaaSHost: 5368709120haproxy-001.os.stoney-cloud.com # Fully qualified domain name (FQDN).hostsstLBaaSHost: kvmhaproxy-1110002.os.stoney-cloud.com # Fully qualified domain name (FQDN).
sstProvisioningMode: add
sstProvisioningExecutionDate: 0
sstBelongsToResellerUID: 4000000
sstBelongsToCustomerUID: 4000001
sstBelongsToPersonUIDsstBelongsToServiceUID: 40000024000003 # The service belongs to the backend host defined in the variabe (sstLBaaSBackendURI: https://sst-int-001.os.stoney-cloud.com/).sstBelongsToServiceUID: 4000004 # The service belongs to the backend host defined in the variabe (sstLBaaSBackendURI: https://sst-int-002.os.stoney-cloud.com/).
</source>
 
The LDIF above can be queried via the cli command <code>getent passwd</code>:
<syntaxhighlight lang='bash'>
getent passwd 3730083
</syntaxhighlight>
 
This will result in the following output:
<syntaxhighlight lang='text'>
# .----------------------------------------------------------------------------- login name
# | .----------------------------------------------------------------------- encrypted password indicator
# | | .--------------------------------------------------------------------- numerical user ID
# | | | .------------------------------------------------------------- numerical group ID
# | | | | .----------------------------------------------------- gecos field (the typical format is a comma-delimited list)
# | | | | | .---------------------- user home directory
# | | | | | | .-------- user command interpreter
# | | | | | | |
# | | | | | | |
3730083:x:3730083:3730083:Example Ltd. (www.example.com):/home/3730083:/bin/false
</syntaxhighlight>
The following table describes the different attributes:
{| styleborder="border-spacing:0;1"| style="border-topcollapse:0.002cm solid #000000collapse;borderfont-bottomsize:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm80%;"| '''Attribute'''| stylewidth="border-top:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;100%" class="wikitable sortable"| '''Objectclass'''| ! style="bordertext-topalign:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-rightwidth:none;padding:0.097cm;180px"| <center>'''Existence'''</center>Attribute| ! style="bordertext-topalign:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-rightwidth:none;padding:0.097cm;220px"| <center>'''Mandatory'''</center>Objectclass| ! style="border-topwidth:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;80px" | <center>'''Self-Service'''</center>Existance| ! style="border-topwidth:0.002cm solid #000000;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;80px" | <center>'''Changeable'''</center>Mandatory| ! style="bordertext-align:0.002cm solid #000000;padding:0.097cmleft;" | '''Description'''
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| uid| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| account| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| The unique identifier (uid). This attribute is created by the Self-Service interface by reading (and incrementing) the next free uid from "<cod>cn=nextfreeuid,ou=administration,dc=stoney-cloud,dc=org"</code>.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| userPassword| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| posixAccount| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Identifies the entry's password and encryption method in the following format: <code>{encryption method}encrypted password</code>.  For example: <code>{SSHA}zBiT1dHAZh/8zbCeyocRVWhdP0j9xJ3U. This password will be automatically set through the Self-Service interface. Afterwords, the password can be changed by the user (including the reseller and customer). The initial password is stored in clear text and is encrypted by the provisioning daemon</code>.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| uidNumber| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| posixAccount| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Related to the /etc/shadow file, this attribute specifies the user's login ID. Is Has the same value as the '''<code>uid'''</code>. For example: '''<code>3730083'''</code>.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| gidNumber| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| posixAccount| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Group ID number. Is Has the same value as the '''<code>uid'''</code>. For example: '''<code>3730083'''</code>.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| cn| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| posixAccount| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| As we don't use this attribute (but the attribute is mandatory), we set this to <centercode>uid</centercode>| style="border-top:none;border-bottom:0value.002cm solid #000000;border-leftFor example:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <centercode>3730083</centercode>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Consists of the '''uid''' and the domain '''stoney-wiki.com'''. For example: '''3730083.stoney-wiki.com'''.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| gecos| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| posixAccount| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Named for historical reasons, the GECOS field is mandatory and is used to store extra information (such as the user's full name). Utilities such as finger or getent access this field to provide additional user information. For a personal account, this entry would consist of <code>givenName</code> and <code>surname</code>, for example <code>Michael Eichenberger</code>. These values are taken from the owners entry (ou=people). For a service account, the attribute <code>sstDisplayName</code> from the corresponding service would be used for the content of this attribute. Please be aware, that this attribute is a '''IA5String''' (OID=1.3.6.1.4.1.1466.115.121.1.26) IA5 (almost ASCII) character set (7-bit). Does NOT allow extended characters e.g. é, Ø, å etc. The Self-Service interface automatically creates the content of this attribute. Consists of the '''uid''' and the domain '''stoney-wiki.com'''. For example: '''3730083.stoney-wiki.com'''.
You can use:<br />
<code>~ $ echo "Tüpfelhyänenöhrchen" | iconv -f 'utf-8' -t 'ASCII//TRANSLIT'</code><br />
Please be aware, that some characters don't get converted properly ... For example: Ø and £. The characters $ and € work.
|-| style="border-top:none;border-bottom:0This appears in the 'getent passwd' output.002cm solid #000000;border-left:0Company name and the main fully qualified domain name (FQDN).002cm solid #000000;border-rightFor example:none;padding:0.097cm;"| homeDirectory| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| posixAccount| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <centercode>MUST</center>| style="border-top:none;border-bottom:0Example Ltd.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| The directory path corresponds with the 7 digit account uid(www. The following example describes, how the directory structure is built up for the account with the uid '''3730083'''.<code>/var/wiki/g/efg/bcd/abcdefgcom)</code><br/><code>/var/wiki/3/083/730/3730083</code>This attribute is created by the Self-Service interface.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| loginShellhomeDirectory| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| posixAccount| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAYMUST</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| The directory path to corresponds with the login shell7 digit account uid. The default following example describes, how the directory structure is '''built up for the account with the uid <code>3730083</bin/false''' and can no be changedcode>.
|-| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| shadowFlag| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| shadowAccount| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <centercode>MAY</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>xhome/abcdefg</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <centercode><br/center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <centercode></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Related to the home/etc/shadow file, this attribute is currently not used and is reserved for future use. The default is set to '''134539460''' and is taken from the "ou=settings,uid=3730083<UID/code>,ou=reseller,ou=configuration,ou=lbaas,ou=services,dc=stoney-cloud,dc=org" entry.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| shadowLastChangeloginShell| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| shadowAccountposixAccount| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0The path to the login shell.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| The default is <centercode></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>bin/false</centercode>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Related to the /etc/shadow file, this attribute specifies number of days between January 1, 1970, and the date that the password was last modified. Must be set to the day, that the password was set (must not be updated, when the password is changed). This attribute is created by the Self-Service interface.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| shadowMaxshadowFlag| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| shadowAccount| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Related to the <code>/etc/shadow </code> file, this attribute specifies the maximum number of days the password is validcurrently not used and is reserved for future use. The default is '''99999''', which corresponds set to about 273 years. In reality, this means, that the user does not need to change the password. This attribute is created by the Self-Service interface. The value is taken from the "ou=settings,uid=<UIDcode>134539460</code>,ou=reseller,ou=configuration,ou=lbaas,ou=services,dc=stoney-cloud,dc=org" entry.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| shadowWarningshadowLastChange| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| shadowAccount| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Related to the <code>/etc/shadow </code> file, this attribute specifies the number of days before between January 1, 1970, and the password expires date that the user is warnedpassword was last modified. The default is '''7''' and is taken from Must be set to the "ou=settingsday,uid=<UID>that the password was set (must be updated,ou=reseller,ou=configuration,ou=lbaas,ou=services,dc=stoney-cloud,dc=org" entrywhen the password is changed).
|-| style="border-topTo create this value, you can use:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstIsActive| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstWiki| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <centercode>MUST</center>| style="borderecho $(($(date -top:none;border-bottom:0.002cm solid #000000;borderutc -left:0.002cm solid #000000;border-right:none;padding:0.097cm;date "| <center>x</center>| style=$1"border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Is the wiki account active? Either <code>TRUE</code> (yes+%s) or <code>FALSE</code> (no86400)). Default is <code>TRUE</code> (yes) and is taken from the "ou=defaults,uid=<UID>,ou=reseller,ou=configuration,ou=lbaas,ou=services,dc=stoney-cloud,dc=org" entry.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstNotificationWarningOnshadowMax| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstWikishadowAccount| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUSTMAY</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| Related to the <centercode></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center><etc/center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Are the users notification warnings turned on or not? Either <code>TRUEshadow</code> (yes) or file, this attribute specifies the maximum number of days the password is valid. The default is <code>FALSE99999</code> (no), which corresponds to about 273 years. Default is TRUE (yes) and is taken from the "ou=settingsIn reality,uid=<UID>this means,ou=reseller,ou=configuration,ou=lbaas,ou=services,dc=stoney-cloud,dc=org" entrythat the user does not need to change the password.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstNotificationWarningshadowWarning| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstWikishadowAccount| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| This multi-valued attribute will be used Related to turn single notifications on or off. The attribute the <code>sstWikiWarningOn</code> must be set to <code>TRUEetc/shadow</code>.  Currentlyfile, this attribute specifies the Load Balancer as a Service (LBaaS) only supports number of days before the password expires that the user is warned. The default is <code>quota7</code> (the names correspond with the template dn).
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstNotificationWarningMediumsstIsActive| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstWikisstRelationship| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUSTMAY</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| Is the Load Balancer as a Service (LBaaS) account active? Either <centercode>TRUE</centercode>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| The notification medium, either sms (points to the multi-valued attribute yes) or <code>mobileTelephoneNumberFALSE</code>) or mail (points to the multi-valued attribute no). Default is <code>mailTRUE</code>(yes). Currently, only mail is supported. This is the default is taken from the "ou=defaults,uid=<UID>,ou=reseller,ou=configuration,ou=lbaas,ou=services,dc=stoney-cloud,dc=org" entry.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstSoftwareVersionsstLBaaSFrontendURI| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstWikisstLBaaS| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAYMUST</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="borderThis multi-topvalued attribute stores one or more Load Balancer as a Service (LBaaS) frontend servers in the form of a Uniform Resource Identifier with optional label. Some examples:none;border-bottom* <code>https:0//www.002cm solid #000000;border-left:0example.002cm solid #000000;border-right:none;padding:0.097cm;"| com/<center/code>* </centercode>| style="border-tophttps:none;border-bottom:0//example.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| com/<center/code>* </centercode>| style="border-tophttps:none;border-bottom:0//api.002cm solid #000000;border-left:0example.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| TBDcom/</code>
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstFileUploadSizesstLBaaSBackendURI| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstWikisstLBaaS| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAYMUST</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="borderThis multi-top:none;border-bottom:0valued attribute stores one or more Load Balancer as a Service (LBaaS) backend servers in the form of a Uniform Resource Identifier with optional label.002cm solid #000000;border-leftSome examples:0.002cm solid #000000;border-right:none;padding:0.097cm;"| * <centercode><https:/center>| style="border/sst-top:none;borderint-bottom:0001.002cm solid #000000;border-left:0os.002cm solid #000000;borderstoney-right:none;padding:0cloud.097cm;"| com/<center/code>* </centercode>| style="border-tophttps:none;border//sst-bottom:0.002cm solid #000000;borderint-left:0002.002cm solid #000000;borderos.stoney-right:0cloud.002cm solid #000000;padding:0.097cm;"| TBDcom/</code>
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| hostsstLBaaSHost| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstWikisstLBaaS| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAYMUST</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="borderThis multi-topvalued attribute stores one or more Load Balancer as a Service (LBaaS) servers in the form of a fully qualified domain name. Some examples:none;border* <code>haproxy-bottom:0001.002cm solid #000000;border-left:0os.002cm solid #000000;borderstoney-right:none;padding:0cloud.097cm;"| com<center/code>* </centercode>| style="borderhaproxy-top:none;border-bottom:0002.002cm solid #000000;border-left:0os.002cm solid #000000;borderstoney-right:none;padding:0cloud.097cm;"| <center>com</centercode>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| TBD
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstProvisioningMode| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstProvisioning| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| The provisioning mode, either <code>add</code>, <code>modify</code> or <code>delete</code>. For a new account, this attribute must be set to <code>add</code>. See [[#Provisioning | Provisioning]] for details.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstProvisioningExecutionDate| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstProvisioning| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| The date the provisioning shall occur in the form of [YYYY][MM][DD] ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]). For a new account, this attribute must be set to '''0'''. See [[#Provisioning | Provisioning]] for details.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstProvisioningReturnValue| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstProvisioning| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| The provisioning return value written by the [[stoney_wiki:_prov-wiki-mediawiki |prov-wiki-mediawiki]] daemon. '''0''' means success, '''>0''' means failure. See the prov-wiki-mediawiki [[stoney_wiki:_prov-wiki-mediawiki#Exit_Codes | Exit Codes]] for detailed information.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstProvisioningState| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstProvisioning| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| The provisioning state, either 0 or in the form of [YYYY][MM][DD]T[hh][mm][ss] ([http://en.wikipedia.org/wiki/ISO_8601 ISO 8601]). For a new account, this attribute must be set to '''0'''. See [[#Provisioning | Provisioning]] for details.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstBelongsToResellerUID| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstRelationship| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Stores the reseller UID the leaf belongs to.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstBelongsToCustomerUID| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| TBDsstRelationship| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MUST</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Stores the customer UID the leaf belongs to.
|-
| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstBelongsToPersonUIDsstBelongsToServiceUID| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| sstRelationship| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>MAY</center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center>x<sup>3</sup></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:none;padding:0.097cm;"| <center></center>| style="border-top:none;border-bottom:0.002cm solid #000000;border-left:0.002cm solid #000000;border-right:0.002cm solid #000000;padding:0.097cm;"| Stores the person service UID (s) this entry belongs to. The service belongs to the leaf belongs backend host(s) defined in the variable(s) (sstLBaaSBackendURI). This multi-valued attribute can point tomultiple services (one or more LBaaS backends).
|}
Legend:
* '''x''': Mandatory in all cases.
* '''x<sup>1</sup>''': Only show, if the number is larger than zero.
* '''x<sup>2</sup>''': Only show, if <code>sstWikiWarningOn</code> is set to <code>TRUE</code>.
* '''x<sup>3</sup>''': Either <code>sstBelongsToPersonUID</code> or <code>sstBelongsToServiceUID</code> must bei set.
== Load Balancer as a Service (LBaaS) - Groups ==
description: The sub tree for the groups of the Load Balancer as a Service (LBaaS).
</source>
 
The following table describes the different attributes:
{| border="1" style="border-collapse: collapse; font-size:80%;" width="100%" class="wikitable sortable"
! style="text-align:left; width: 180px" | Attribute
! style="text-align:left; width: 220px" | Objectclass
! style="width: 80px" | Existance
! style="width: 80px" | Mandatory
! style="text-align:left;" | Description
 
|-
| ou
| organizationalUnit
| <center>MUST</center>
| <center>x</center>
| The name of the leaf.
 
In this case: <code>groups</code>.
 
|-
| description
| organizationalUnit
| <center>MAY</center>
| <center>x</center>
| The description of the leaf.
 
In this case: <code>The sub tree for the groups of the Load Balancer as a Service (LBaaS).</code>
 
|}
 
Legend:
* '''x''': Mandatory in all cases.
=== Load Balancer as a Service (LBaaS) - Group example ===
The following example shows the OpenLDAP directory entry for the Load Balancer as a Service (LBaaS) group with the uid number 3730083:
 
<source lang="ldif">
dn: cn=3730083,ou=groups,ou=lbaas,ou=services,dc=stoney-cloud,dc=org
cn: 3730083
gidNumber: 3730083
sstIsActive: TRUE
sstBelongsToResellerUID: 4000000
sstBelongsToCustomerUID: 4000001
sstBelongsToPersonUIDsstBelongsToServiceUID: 40000024000003 # The service belongs to the backend host defined in the variabe (sstLBaaSBackendURI: https://sst-int-001.os.stoney-cloud.com/).sstBelongsToServiceUID: 4000004 # The service belongs to the backend host defined in the variabe (sstLBaaSBackendURI: https://sst-int-002.os.stoney-cloud.com/).
</source>
The following table describes the different attributes:{| border="1" style= Load Balancer as a Service (LBaaS) "border- SSLcollapse: collapse; font-certificates size:80%;" width="100%" class="wikitable sortable"The leaf entries for SSL! style="text-certificates of the Load Balancer as a Service (LBaaS) are located directly below the stoney wiki account entry.align:left; width: 180px" | Attribute! style="text-align:left; width: 220px" | Objectclass! style="width: 80px" | Existance! style="width: 80px" | Mandatory! style="text-align:left;" | Description
=== Load Balancer as a Service (LBaaS) |- SSL-certificate example ===| cn| posixGroup| <source lang="ldif"center>MUST</center>| <center>x</center>| As we don't use this attribute (but the attribute is mandatory and is part of the dn: uid=3732364),we set this to <code>uid=3730083,ou=accounts,ou=lbaas,ou=services,dc=stoney-cloud,dc=orgobjectclass: topobjectclass: sstCertificateobjectclass: sstProvisioningobjectclass: sstRelationshipuid: 3732364sstWebsiteURL: wiki</code> value.stepping-stone.chhostFor example: kvm-1110sstIsActive: TRUEsstProvisioningMode: addsstProvisioningExecutionDate: 0sstProvisioningState: 0sstBelongsToResellerUID: 4000000sstBelongsToCustomerUID: 4000001sstBelongsToPersonUID: 4000002<code>3730083</sourcecode>.
== |-| gidNumber| posixGroup| <center>MUST</center>| <center>x</center>| The numerical group ID of the Load Balancer as a Service (LBaaS) group. |- Provisioning ==See | sstBelongsToResellerUID| sstRelationship| <center>MUST</center>| <center>x</center>| Stores the [[stoney core: OpenLDAP provisioningreseller UID the leaf belongs to. |OpenLDAP provisioning]] page for -| sstBelongsToCustomerUID| sstRelationship| <center>MUST</center>| <center>x</center>| Stores the overview of customer UID the provisioning functionality and [[stoney wiki: provleaf belongs to. |-wiki-mediawiki]] | sstBelongsToServiceUID| sstRelationship| <center>MAY</center>| <center>x</center>| Stores the actual wiki provisioningservice UID(s) this entry belongs to. The service belongs to the backend host(s) defined in the variable(s) (sstLBaaSBackendURI). This multi-valued attribute can point to multiple services (one or more LBaaS backends). |} Legend:* '''x''': Mandatory in all cases.
= Links =
Michael
SLB, editor, reviewer
3,368
edits
Retrieved from "http://wiki.stoney-cloud.org/wiki/Special:MobileDiff/5322...5350"