The TAK Ops team at BBN is working on a TAK Unified Management Tool (UMT) to bring together key day-to-day TAK admin functions into one location. This will make user and TAK Server management much easier, simpler and faster, and will dramatically improve management of large-scale deployments. UMT can be deployed as a standalone application or a Docker container with or without integrated Lightweight Directory Access Protocol (LDAP).
What is the problem we are trying to solve?
Currently, secure and effective administration of a TAK Server requires use of multiple different sites and tools. You may have to log into the command line to make certs, use the TAK server management web UI to add a user, maybe log into an identity provider (IdP) to change a group or interact with a completely separate LDAP admin tool to manage users for medium to large deployments.
Wouldn’t it be great if you could just type “docker compose up --build” and deploy a LDAP instance, a modern and intuitive UI Front end, and all the tools you need to manage your TAK deployment?
Figure 1 - TAK UMT Running in Docker next to TAK Server
How is it being done?
Using open-source tools, we have started to build a TAK Unified Management Tool proof of concept. The front-end is HTML, JavaScript, and CSS. The back-end is Flask and OpenLDAP. When an admin makes a change with the UMT web UI a message is sent to the dedicated UMT backend which then interfaces with TAK or LDAP as needed. The UMT uses a combination of existing APIs to communicate with TAK, OpenLDAP, AWS, and can be expanded to other services.
Figure 2 - UMT Rough DFD
Another problem the UMT will solve is the difficulty in quickly onboarding large numbers of users. Using the TAK QR Code URI, we built a page that allows you to rapidly add single or multiple users and produce a QR code that can be printed or emailed (e.g., using Amazon SES). You can even import a CSV and make 100s of users at once.
Figure 3 - Create New User Form and Mass Enrollment Form
How do you deploy it?
UMT can be run as a Docker container or simply as a Python app. It can be used to configure OpenLDAP or with TAK’s file-based user management. Our initial focus is for more easily managing and onboarding TAK users and managing groups, but the possibilities are endless for new unified administrative functionality!
Figure 4 - Unified Management Tool Concept Sitemap
When can I get it?
This is an early proof of concept. It is currently an internal effort to make TAK management more efficient with our TAK Cloud offering, but our goal is to opensource it. We plan to add more features to allow for federation control, logs, and file management before a full release. Additionally we will be moving from our rapid prototyping libraries to production grade tools that align with the rest of the TAK Server software ecosystem and industry best practices (e.g., Angular, Node.js, etc) and will be adding security-focus features to support robust operational use.
How do I learn more?
Contact us here: tak@rtx.com