[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: LDAP vs SQL

To: "'Mark Wilcox'" <mewilcox@unt.edu>, Stuart Schmukler <Stuart.Schmukler@ncal.kaiperm.org>
Subject: RE: LDAP vs SQL
From: "Johnston, Sam" <sam@unsw.edu.au>
Date: Wed, 28 Oct 1998 12:53:59 +1100
Cc: treed@ultraviolet.org, openldap-general@openldap.org

I've been thinking about writing an LDAP GINA for winnt for some time,
probably based on NISGINA. the main things holding me back are that you
have to install it on every workstation that wants to do ldap
authentication, and i don't have time right now.

although i haven't looked much at the samba2 code yet i'm thinking about
hacking around in there to make it talk to ldap instead. i think that
would be most sexy - point all your workstations at a samba server
running the domain controller code and have it authenticate against an
LDAP server. for my purposes thats all i need, but a full solution would
want to include group memberships and so on too.

anyone else thinking about/working on such a project?

-
Sam Johnston
sam@unsw.edu.au

Ambition: A poor excuse for not having enough sense to be lazy.

-----Original Message-----
From: Mark Wilcox [mailto:mewilcox@unt.edu]
Sent: Wednesday, 28 October 1998 12:22
To: Stuart Schmukler
Cc: treed@ultraviolet.org; openldap-general@openldap.org
Subject: Re: LDAP vs SQL

Hi,
It's becoming easier to integrate LDAP into our daily lives (I really
think 1999 will be year of the LDAP :).
Sun offers  Sun Directory Serivces and there is also Luke Howard's
ypldap . Both of these allow you to drop in
replacement to use LDAP as the backend tech for NIS. Solaris 2.6 and
Solaris 7 (which will be new name of
Solaris 2.7 to released next week) also support PAM authentication and
LINUX does too. PAM authentication allows
you to implement whatever authentication scheme you wish while
presenting a common API so you don't have to
rewrite all of your apps from scratch if they use the OS for
authentication. I believe Luke has written a PAM
module for LDAP as well.

There are also a number of opensource projects under way to use LDAP for
RADIUS and there is also at least one
FTP server that uses LDAP for authentication.

LDAP integration won't happen overnight. In the mean time you can use
LDAP as a "meta-directory". This means
that you use LDAP to be the central store for your user information (or
well) where you draw your information
from as you begin to integrate.

Mark

Stuart Schmukler wrote:

> Tracy said:
> > I'm looking into implementing something like LDAP for my company to
help
> > us manage our user accounts and various other sorts of info. I've
read the
> > faqs and various web pages but there are still a few things I don't
> > understand. As far as I know, none of our OS's (Linux, HP-UX, SCO)
> > directly support LDAP in any way.
>
> Is you want to give 'users' accounts on your system LDAP has to be
integrated into the logon program.
>
> Its easier to see how LDAP could be used if the customers or vendors
shouldn't have account but you want
> to control access to some resource.   For example private web pages,
or PPP lines (for an ISP) come to mind.
>
> SaS

Follow-Ups:
- Re: LDAP vs SQL
  - From: Gerrit Thomson <334647@swin.edu.au>
- RE: LDAP vs SQL
  - From: "Luke Howard" <lukeh@xedoc.com.au>

Prev by Date: RE: LDAP vs SQL
Next by Date: Re: Using distingushed name components as attributes.
Index(es):
- Chronological
- Thread