splice

module

v1.2.1 Latest Latest Go to latest Published: Jan 6, 2023 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/google/splice

Links

Open Source Insights

README ¶

Splice

Splice is an infrastructure service which allows Windows instances to join a Microsoft Active Directory domain without direct line of sight to a domain controller. It also supports flexible user auth and complex join request validation.

Overview

In a traditional Windows domain, all clients must be "domain joined" during (or after) imaging. The join establishes trust between the client and the domain controllers, and can be used as the basis for long term remote management of the device via a VPN, Microsoft DirectAccess, etc.

The join introduces a potential circular dependency for remote devices:

Trust must preceed remote access.
Access is required to establish trust.

The most basic solution is to always join clients on a network segment with direct connectivity to the business domain, but this introduces limitations. It's normally undesirable to expose domain controllers beyond the network perimeter, and it may be logistically or functionally difficult to physically connect every client to the domain network.

Splice addresses this dilemma by providing an intermediary broker for the domain join operation. The Splice infrastructure spans the network perimeter, enabling join requests to enter the network externally, and permits establishing domain trust without ever requiring the client to directly contact a domain controller. Once the join is complete, a management VPN can take over responsibility for the device's lifecycle.

Documentation

See the Project Documentation for more information.

Disclaimer

This is not an official Google product.

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
appengine Package appengine is an web-application that provides a public API for cloud based offline Active Directory domain joins for Windows clients.	Package appengine is an web-application that provides a public API for cloud based offline Active Directory domain joins for Windows clients.
endpoints Package endpoints contains all request handler functions for Splice.	Package endpoints contains all request handler functions for Splice.
server Package server contains shared data and structures used across splice packages	Package server contains shared data and structures used across splice packages
validators Package validators provides basic validation for splice requests and exposes an interface for additional validators.	Package validators provides basic validation for splice requests and exposes an interface for additional validators.
cli
appclient Package appclient provides a TLS enabled HTTP client for use with splice requests.	Package appclient provides a TLS enabled HTTP client for use with splice requests.
gce Package gce provides functionality for reading GCE instance metadata.	Package gce provides functionality for reading GCE instance metadata.
generators Package generators provides custom hostname generation for use with Splice.	Package generators provides custom hostname generation for use with Splice.
prefix Package prefix provides a generator that generates names with a specific prefix.	Package prefix provides a generator that generates names with a specific prefix.
models Package models provides models for data storage and transfer.	Package models provides models for data storage and transfer.
shared
certs Package certs provides splice provisioning support for certificate generation, lookup and verification during the provisioning process.	Package certs provides splice provisioning support for certificate generation, lookup and verification during the provisioning process.
crypto Package crypto provides cryptographic functionality to SpliceD and CLI.	Package crypto provides cryptographic functionality to SpliceD and CLI.
provisioning Package provisioning provides Windows-specific functionality for joining hosts to a domain.	Package provisioning provides Windows-specific functionality for joining hosts to a domain.
spliced
metric/tracker Package tracker manages all internal state metrics for the SpliceD application.	Package tracker manages all internal state metrics for the SpliceD application.
pubsub Package pubsub abstracts the pubsub client calls out of the main SpliceD code.	Package pubsub abstracts the pubsub client calls out of the main SpliceD code.
testing Package testing provides helpers for testing SpliceD.	Package testing provides helpers for testing SpliceD.