LDAP group data synchronization

classic Classic list List threaded Threaded
4 messages Options
| Threaded
Open this post in threaded view
|

LDAP group data synchronization

Matthias Bernt
Dear galaxy developers,

I'm currently trying to establish galaxy at the UFZ research center in
Leipzig. I have some questions on how to match the infrastructure of
galaxy and and our local infrastructure. I would be really happy about
some comments on my ideas.

Galaxy external authentication via LDAP is already working -- worked
like a charm :)

How to integrate LDAP group data into galaxy?

My idea would be to regularly sync the groups and user-group
associations from LDAP to galaxy via the API/bioblend.

Adding groups and user-group associations should be no problem, but
how about removing users, groups, or associations? Are there any
pitfalls that I need to consider? How about data associated with deleted
users? Maybe there are already some scripts around that I could build upon?

Best,
Matthias

P.S. I'm afraid that I ask quite a lot of questions at the moment.
I hope that I will be soon able to contribute a bit.

--

-------------------------------------------
Matthias Bernt
Bioinformatics Service
Molekulare Systembiologie (MOLSYB)
Helmholtz-Zentrum für Umweltforschung GmbH - UFZ/
Helmholtz Centre for Environmental Research GmbH - UFZ
Permoserstraße 15, 04318 Leipzig, Germany
Phone +49 341 235 482296,
[hidden email], www.ufz.de

Sitz der Gesellschaft/Registered Office: Leipzig
Registergericht/Registration Office: Amtsgericht Leipzig
Handelsregister Nr./Trade Register Nr.: B 4703
Vorsitzender des Aufsichtsrats/Chairman of the Supervisory Board:
MinDirig Wilfried Kraus
Wissenschaftlicher Geschäftsführer/Scientific Managing Director:
Prof. Dr. Dr. h.c. Georg Teutsch
Administrative Geschäftsführerin/ Administrative Managing Director:
Prof. Dr. Heike Graßmann
-------------------------------------------


___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
  https://lists.galaxyproject.org/

To search Galaxy mailing lists use the unified search at:
  http://galaxyproject.org/search/mailinglists/

smime.p7s (7K) Download Attachment
| Threaded
Open this post in threaded view
|

Re: LDAP group data synchronization

Matthias Bernt
Dear galaxy-dev,

as a follow-up to my own question I have just implemented a little
python script that syncs groups, group membership and to some extent
also users from a LDAP server to a galaxy server.

I have put this on github:

https://github.com/bernt-matthias/galaxy-group-sync

I would be happy about any comments and suggestions.

Cheers,
Matthias


On 15.03.2017 15:20, Matthias Bernt wrote:

> Dear galaxy developers,
>
> I'm currently trying to establish galaxy at the UFZ research center in
> Leipzig. I have some questions on how to match the infrastructure of
> galaxy and and our local infrastructure. I would be really happy about
> some comments on my ideas.
>
> Galaxy external authentication via LDAP is already working -- worked
> like a charm :)
>
> How to integrate LDAP group data into galaxy?
>
> My idea would be to regularly sync the groups and user-group
> associations from LDAP to galaxy via the API/bioblend.
>
> Adding groups and user-group associations should be no problem, but
> how about removing users, groups, or associations? Are there any
> pitfalls that I need to consider? How about data associated with deleted
> users? Maybe there are already some scripts around that I could build upon?
>
> Best,
> Matthias
>
> P.S. I'm afraid that I ask quite a lot of questions at the moment.
> I hope that I will be soon able to contribute a bit.
>
--

-------------------------------------------
Matthias Bernt
Bioinformatics Service
Molekulare Systembiologie (MOLSYB)
Helmholtz-Zentrum für Umweltforschung GmbH - UFZ/
Helmholtz Centre for Environmental Research GmbH - UFZ
Permoserstraße 15, 04318 Leipzig, Germany
Phone +49 341 235 482296,
[hidden email], www.ufz.de

Sitz der Gesellschaft/Registered Office: Leipzig
Registergericht/Registration Office: Amtsgericht Leipzig
Handelsregister Nr./Trade Register Nr.: B 4703
Vorsitzender des Aufsichtsrats/Chairman of the Supervisory Board:
MinDirig Wilfried Kraus
Wissenschaftlicher Geschäftsführer/Scientific Managing Director:
Prof. Dr. Dr. h.c. Georg Teutsch
Administrative Geschäftsführerin/ Administrative Managing Director:
Prof. Dr. Heike Graßmann
-------------------------------------------


___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
  https://lists.galaxyproject.org/

To search Galaxy mailing lists use the unified search at:
  http://galaxyproject.org/search/

smime.p7s (7K) Download Attachment
| Threaded
Open this post in threaded view
|

Re: LDAP group data synchronization

Hans-Rudolf Hotz
Hi Matthias

This is great! Thank you very much for sharing this with the community.

I hope I will find time to test this with our server soon.


Regards, Hans-Rudolf


On 03/30/2017 01:24 PM, Matthias Bernt wrote:

> Dear galaxy-dev,
>
> as a follow-up to my own question I have just implemented a little
> python script that syncs groups, group membership and to some extent
> also users from a LDAP server to a galaxy server.
>
> I have put this on github:
>
> https://github.com/bernt-matthias/galaxy-group-sync
>
> I would be happy about any comments and suggestions.
>
> Cheers,
> Matthias
>
>
> On 15.03.2017 15:20, Matthias Bernt wrote:
>> Dear galaxy developers,
>>
>> I'm currently trying to establish galaxy at the UFZ research center in
>> Leipzig. I have some questions on how to match the infrastructure of
>> galaxy and and our local infrastructure. I would be really happy about
>> some comments on my ideas.
>>
>> Galaxy external authentication via LDAP is already working -- worked
>> like a charm :)
>>
>> How to integrate LDAP group data into galaxy?
>>
>> My idea would be to regularly sync the groups and user-group
>> associations from LDAP to galaxy via the API/bioblend.
>>
>> Adding groups and user-group associations should be no problem, but
>> how about removing users, groups, or associations? Are there any
>> pitfalls that I need to consider? How about data associated with deleted
>> users? Maybe there are already some scripts around that I could build
>> upon?
>>
>> Best,
>> Matthias
>>
>> P.S. I'm afraid that I ask quite a lot of questions at the moment.
>> I hope that I will be soon able to contribute a bit.
>>
>
>
>
> ___________________________________________________________
> Please keep all replies on the list by using "reply all"
> in your mail client.  To manage your subscriptions to this
> and other Galaxy lists, please use the interface at:
>    https://lists.galaxyproject.org/
>
> To search Galaxy mailing lists use the unified search at:
>    http://galaxyproject.org/search/
>
___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
  https://lists.galaxyproject.org/

To search Galaxy mailing lists use the unified search at:
  http://galaxyproject.org/search/
| Threaded
Open this post in threaded view
|

Re: LDAP group data synchronization

Matthias Bernt
Hi again,

let me just stress that I'm quite new to galaxy and LDAP .. and that the
script is alpha/beta status :) and has not been tested thoroughly (in
particular not in a production environment).

Best,
Matthias


On 30.03.2017 13:30, Hans-Rudolf Hotz wrote:

> Hi Matthias
>
> This is great! Thank you very much for sharing this with the community.
>
> I hope I will find time to test this with our server soon.
>
>
> Regards, Hans-Rudolf
>
>
> On 03/30/2017 01:24 PM, Matthias Bernt wrote:
>> Dear galaxy-dev,
>>
>> as a follow-up to my own question I have just implemented a little
>> python script that syncs groups, group membership and to some extent
>> also users from a LDAP server to a galaxy server.
>>
>> I have put this on github:
>>
>> https://github.com/bernt-matthias/galaxy-group-sync
>>
>> I would be happy about any comments and suggestions.
>>
>> Cheers,
>> Matthias
>>
>>
>> On 15.03.2017 15:20, Matthias Bernt wrote:
>>> Dear galaxy developers,
>>>
>>> I'm currently trying to establish galaxy at the UFZ research center in
>>> Leipzig. I have some questions on how to match the infrastructure of
>>> galaxy and and our local infrastructure. I would be really happy about
>>> some comments on my ideas.
>>>
>>> Galaxy external authentication via LDAP is already working -- worked
>>> like a charm :)
>>>
>>> How to integrate LDAP group data into galaxy?
>>>
>>> My idea would be to regularly sync the groups and user-group
>>> associations from LDAP to galaxy via the API/bioblend.
>>>
>>> Adding groups and user-group associations should be no problem, but
>>> how about removing users, groups, or associations? Are there any
>>> pitfalls that I need to consider? How about data associated with deleted
>>> users? Maybe there are already some scripts around that I could build
>>> upon?
>>>
>>> Best,
>>> Matthias
>>>
>>> P.S. I'm afraid that I ask quite a lot of questions at the moment.
>>> I hope that I will be soon able to contribute a bit.
>>>
>>
>>
>>
>> ___________________________________________________________
>> Please keep all replies on the list by using "reply all"
>> in your mail client.  To manage your subscriptions to this
>> and other Galaxy lists, please use the interface at:
>>    https://lists.galaxyproject.org/
>>
>> To search Galaxy mailing lists use the unified search at:
>>    http://galaxyproject.org/search/
>>


___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
  https://lists.galaxyproject.org/

To search Galaxy mailing lists use the unified search at:
  http://galaxyproject.org/search/

smime.p7s (7K) Download Attachment