Re: LDAP and Oracle/ Multi-masters, was Re: LDAP and DNS



> Just an FYI Oracle now has an LDAP server front-end for the Oracle 8i
> databases. This allows you to talk to an Oracle db (e.g. HR apps) via LDAP
> without having to port the information from an Oracle server to LDAP. Don't
> know anything about it, but just wanted to throw it in.
> Netscape also has some scripts they wrote for merging Peoplesoft into LDAP
> at the mozilla.org site (Netscape is a Peoplesoft site).

I've heard of the Oracle product, and plan to check it out some time in the
future, but didn't mention it because I don't currently know much about
it :)  I looked at the Peoplesoft to LDAP scripts, but had already done
something similar already, and mine was already tuned for our environment.
I forgot about that, but for people in a Peoplesoft shop, it's definitely
a good start and worth looking into.

> What we're doing at the University of North Texas, and what I've seen other
> places (e.g. Stanford, other universities) is that LDAP is not the master
> server, but instead is master repository. In other words, our LDAP server
> will be fed from many different systems (e.g. student mainframe, hr
> mainframe, UNIX account, PBX system, etc), but for clients to get access to
> the information that is provided by these systems, they will do so via our
> LDAP server.

Good point.  We do something similar - on a nightly basis, I pull
"official" info from our HR database, helpdesk call tracking app,
etc to update certain info in LDAP.  Those systems "master"
or own most of the data about a person or office or such,
LDAP masters a uid and password associated with that HR info.  LDAP
becomes the place where I pull together a bunch of info mastered
elsewhere and present it to the average user through a scalable,
standards-based system, and allows me to tie activities a user does
(i.e. email, Internet access via authed proxy, http access to
secured/authed applications, etc) to a "real" person in our HR
database.  LDAP is our enterprise management tool for many things,
and tying it to the HR database allows us to automagically delete
accounts when people leave the company, helping clean things up
and improve security.  Also, since only one system manages any given
piece of data, the data is consistent throughout, but then that's
just good data management procedures - no new revelation invented
by me :)


> The reason why you want to do something like this is because you're providing
> common, secure access to data on the network via an open standard protocol.

Exactly.

> Of course this won't happen overnight, but if you provide a good service
> (which means available and relatively easy to get data out of), it will
> happen quicker than you think.

We've been working on putting this all together since.... when did Netscape
DS 1.0 first come out??? and we're still working on integrating systems here
and there.

--
 Jeff Clowser
 mailto:jclowser@aerotek.com       Hanover MD  21076 USA
 Phone: (410)-579-4328             7312 Parkway Drive
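
Added example, not part of the original message and not the poster's scripts: a sketch of the nightly feed described above, where HR masters the personal data, LDAP masters uid and password, and accounts missing from HR are flagged for removal. The attribute names, the record layout keyed by employee id, and the 20% removal guard against a truncated extract are assumptions.

```python
# Added illustration: attribute names, record layout and the 20% guard are assumptions.
HR_MASTERED = ("cn", "title", "telephoneNumber")  # owned by the upstream HR system
LDAP_MASTERED = ("uid", "userPassword")           # owned by the directory itself
# Each attribute has exactly one owning system.
assert not set(HR_MASTERED) & set(LDAP_MASTERED)


def plan_sync(hr_records, ldap_entries, max_removal_fraction=0.2):
    """Compare the nightly HR extract with the directory, both keyed by employee id.

    Returns (updates, removals): attribute changes to apply, and ids of
    accounts whose owner no longer appears in HR.
    """
    updates = {}
    for emp_id, hr in hr_records.items():
        entry = ldap_entries.get(emp_id)
        if entry is None:
            continue  # creating accounts (uid, password) is not the feed's job
        # Copy only HR-mastered attributes; anything else in the feed is ignored.
        changed = {a: hr[a] for a in HR_MASTERED
                   if a in hr and entry.get(a) != hr[a]}
        if changed:
            updates[emp_id] = changed
    removals = sorted(set(ldap_entries) - set(hr_records))
    # An empty or truncated extract must not be read as "everyone left".
    if len(removals) > max_removal_fraction * len(ldap_entries):
        raise RuntimeError(
            f"{len(removals)} of {len(ldap_entries)} accounts missing from HR; "
            "check the extract before removing anything")
    return updates, removals


# Constructed sample data (not from the original post).
LDAP = {str(i): {"uid": f"user{i}", "userPassword": "{SSHA}placeholder",
                 "cn": f"Person {i}", "title": "Analyst"}
        for i in range(1001, 1006)}
HR = {str(i): {"cn": f"Person {i}", "title": "Analyst"}
      for i in range(1001, 1005)}                      # 1005 has left the company
HR["1001"].update(title="Engineer", userPassword="from-feed")  # promotion + stray field

if __name__ == "__main__":
    print(plan_sync(HR, LDAP))   # one title change, one removal
    try:
        plan_sync({}, LDAP)      # simulated empty extract
    except RuntimeError as err:
        print("aborted:", err)
```
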