Ganymede | |
---|---|
Screenshot | Editing a System |
Original author(s) | Applied Research Laboratories at The University of Texas at Austin |
Initial release | 1998[1] |
Written in | Java |
Type | Identity management / Network directory management |
License | GNU General Public License |
Website | tools |
Ganymede is an open source network directory management framework, designed to allow administrator teams to collaboratively manage subsets of an organization's directory services, such as NIS, DNS, Active Directory / LDAP, DHCP, and RADIUS, among others. First announced and released at the 1998 USENIX LISA conference,[2] Ganymede has been under public development and use since then.
Ganymede uses a central server which supports clients connecting via Java RMI. The Ganymede server maintains a transactional object graph database of network information such as user objects, group objects, system objects, network objects, etc. Users and administrators run Ganymede clients (GUI or XML based) to create, modify, or delete objects in the database. Whenever a user commits a transaction, the Ganymede server schedules a number of background threads to write out updated network source files and run whatever system scripts are required to propagate the new data into the managed network directory services. If multiple users are working concurrently, the scheduler makes sure that the entire network environment is updated with transactionally consistent directory images as builds finish and new ones are issued.
The Ganymede server is meant to be programmed by the adopter, who can define arbitrary object data types along with custom logic to interact with the user through the GUI and to maintain consistency within and between objects. Adopters can also create custom tasks which can be executed at specified times by the internal Ganymede scheduler. Such custom tasks can make changes in the server's object database and/or can run external scripts to update external services.
Ganymede has an elaborate XML data format which can be used to import and export the server's object database schema and object data. Importing XML will typically result in the creation, modification, or deletion of database objects, and will trigger one or more network directory service rebuilds just as using the GUI client would do.
Above all, Ganymede is designed around administration teams. Administrators are members of 'Owner Groups', which own objects. Any object that is changed by a user or an automated task can result in a change report email being sent to administrators in the appropriate Owner Group, making it possible for admins to keep up to date with changes that others in their groups are making. Owner Groups can be granted authority over arbitrary subsets of the object database, making it easy to slice up the network directory space in any fashion that may be desired.
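The Owner Group delegation described above can be sketched as a small model; this is an added illustration, not code from Ganymede, which is written in Java and has its own API. The `Directory` class, its method names, the all-or-nothing permission check and the sample data are assumptions made for the example.

```python
from collections import defaultdict
from dataclasses import dataclass, field

@dataclass
class Directory:
    """Hypothetical model: owner groups own objects, members may edit them."""
    members: dict = field(default_factory=dict)  # owner group -> set of admins
    owners: dict = field(default_factory=dict)   # object id -> owner group
    data: dict = field(default_factory=dict)     # object id -> attributes
    outbox: list = field(default_factory=list)   # (recipient, report) pairs

    def commit(self, admin, changes):
        """Apply {object_id: {attr: value}} as one transaction."""
        # Check every object first so a denied edit leaves nothing half-applied.
        denied = [oid for oid in changes
                  if admin not in self.members.get(self.owners.get(oid), set())]
        if denied:
            raise PermissionError(f"{admin} may not edit {sorted(denied)}")
        reports = defaultdict(list)
        for oid, attrs in changes.items():
            self.data.setdefault(oid, {}).update(attrs)
            reports[self.owners[oid]].append(f"{oid}: {sorted(attrs)}")
        # One change report per owner group, sent to every member of it.
        for group, lines in reports.items():
            for member in sorted(self.members[group]):
                self.outbox.append((member, f"{admin} changed " + "; ".join(lines)))
        return sorted(reports)

def demo():
    # Constructed sample data: two owner groups, one object each.
    d = Directory(
        members={"dns-admins": {"alice", "bob"}, "unix-admins": {"carol"}},
        owners={"host:www": "dns-admins", "user:dave": "unix-admins"},
    )
    d.commit("alice", {"host:www": {"ip": "192.0.2.10"}})
    try:
        # Mixed transaction: alice owns the host but not the user object.
        d.commit("alice", {"host:www": {"ip": "192.0.2.11"},
                           "user:dave": {"shell": "/bin/sh"}})
        rejected = False
    except PermissionError:
        rejected = True
    return d, rejected

if __name__ == "__main__":
    directory, rejected = demo()
    print(directory.data, rejected, directory.outbox)
```

In this model the second transaction is refused as a whole, so the permitted change to the host object is not applied either, and no report is sent to any group.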
As a programmable framework, Ganymede must be programmed for a specific set of directory management tasks. Fundamental Generic Networking in Germany has used it as the basis of their Doctor DNS project,[3] which is being used to manage DNS for the Kaiserslautern University of Technology.[4][5]