LDAP and Oracle/ Multi-masters, was Re: LDAP and DNS




> <cut DNS discussions>
>Similar to what I've heard some people do (or try to do) with relational
>databases - i.e., I have a big Oracle HR database, want to serve LDAP from
>it.  I can set up a master LDAP server that backends to oracle,
>replicates to one or more standard replica ldap servers, and all clients
>access the replicas only (read-only access).  'Course mapping something like a
>Peoplesoft database on Oracle to LDAP is a real pain, not to mention
>finding/writing something to interface the LDAP server to the Oracle backend
>and figuring out how to handle LDAP clients that want to write to LDAP...
>
Just an FYI: Oracle now has an LDAP server front-end for the Oracle 8i
databases. This allows you to talk to an Oracle db (e.g. HR apps) via LDAP
without having to port the information from an Oracle server to LDAP. Don't
know anything about it, but just wanted to throw it in.
Netscape also has some scripts they wrote for merging Peoplesoft into LDAP
at the mozilla.org site (Netscape is a Peoplesoft site).


>I think in all these situations, the real goal I would be looking at is getting
>as close to a single place to write/manage all of an enterprises info, so I
>have one database to manage, can build relationships between the info, can
>build a
>single interface to manage everything, etc, then find ways to export this
>data as read only to the various services.  It's not such a big deal to manage
>the same info in many databases as long as only one is considered the "owner"
>where the data is maintained and the data gets automatically exported to other
>systems - the biggest problem is then just timing issues.  The problem comes
>when data is mastered in many places (such as if you stored it in LDAP, then
>hand edited and updated it in your DNS files - inevitably, someone will edit
>one and forget to edit the other).
>
What we're doing at the University of North Texas, and what I've seen at other
places (e.g. Stanford, other universities), is that LDAP is not the master
server, but instead is the master repository. In other words, our LDAP server
will be fed from many different systems (e.g. student mainframe, HR
mainframe, UNIX account, PBX system, etc), but for clients to get access to
the information that is provided by these systems, they will do so via our
LDAP server.

The reason why you want to do something like this is because you're providing
common, secure access to data on the network via an open standard protocol.

Of course this won't happen overnight, but if you provide a good service
(which means available and relatively easy to get data out of), it will
happen quicker than you think.

Mark