[racktables-users] Re: Yet .. more questions...

  • From: Denis Ovsienko <pilot@xxxxxxxxxx>
  • To: racktables-users@xxxxxxxxxxxxx
  • Date: Tue, 22 Sep 2009 00:53:16 +0400

On Mon, 21 Sep 2009 08:41:53 -0500 Lacayo, Luis F wrote:

> Hi Denis,
> 
> So here it is 8:30 AM and I so hate to bother you with goofy questions,
> but I have been up since about 3:00 AM with these crazy thoughts.
> 
> 1.  How hard would it be to rotate the display of a rack by 90 degrees? 
>     Just in case you are wondering...  I have implemented blade
> enclosures as racks.  So if I can turn a rack on its side then it
> would appear like the enclosure.  Of course this would be a flag in the
> rack table. 

That would be an easy trick.

> 2.  Can you explain (or is there a data dictionary) for the tags.  I am
> continuing with my Batch load of objects that  you so graciously helped
> me with last week.  What I basically want to do is assign a tag (I
> called it unused) to the servers that I batch loaded, so we can assign
> the blades as we go along and if needed we can run a report that would
> list the unused (unassigned) blades.

If you have object IDs of these spare blades in an array $a and the ID
of "not yet used" tag is $b, the following code would add this tag to
each item on the list:

foreach ($a as $object_id)
        rebuildTagChainForEntity ('object', $object_id, array ($b));

> 3.  Is there a place where I can go search the archives for explanation
> about permissions.  I want to understand this LDAP thingy, I have been
> looking at letting the Windows team take a look at this (they use a
> spreadsheet to track their servers, which are already imported into
> racktables but they don't know it) but I want to give the group read only
> permissions.

There are two powerful ways to shoot one's foot: autotags generated
by LDAP "memberOf" attributes and so-called "security context
modifiers". I haven't yet proven to myself that they really work
together as it was intended, TBH. For the sake of maintainability I
would recommend a straightforward access policy:

0. Allow any LDAP users:
$user_auth_src = 'ldap';
$require_local_account = FALSE;

1. Deny known-bad users (optional).
2. Permit any user read-only access.
3. Permit known admin users read-write access.

There are examples of [2] and [3] on the Wiki:
http://racktables.org/trac/wiki/RackTablesAdminGuide

It is not possible to have both local and LDAP accounts. This means
you will have to use your LDAP account too. There is only one
exception: the admin account is always local. I hope it helps.
