[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Simple LDAP service

To: Gene Skonicki <gene@imsa.edu>
Subject: Re: Simple LDAP service
From: "W. Reilly Cooley" <wcooley@nakedape.cc>
Date: Tue, 21 Dec 1999 19:52:13 -0800 (PST)
Cc: openldap-general@OpenLDAP.org
In-reply-to: <19991221210310.A15922@imsa.edu>

On Tue, 21 Dec 1999, Gene Skonicki wrote:

[ Mr Skonicki, I hope you don't mind if I cc: the list; I suspect
other people were also unable to understand what I was asking for. ]

> I'm not sure I understand.  In order to "get" information from a
> client, you need only have the ldap api libraries installed.  The
> specific application (something which grabs configuration information
> and performs transformations on them,say) makes its own tcp/ip
> connection to the ldap server.  Only one machine (or more if you want
> replication) needs torun slapd to serve directory information.

Yes, it's a little hard to understand because I don't know how best to
explain it.  So let me try to explain how it will work.

We are building a configuration manager that we want to store
configuration information in a directory, like AIX's ODM and (to a much
more brain-dead extent) the Windows registry.  The directory will be
accompanied with scripts that will make LDAP calls to pull down the
configuration information and generate application-specific config files.

In a typical configuration, the flow works like this:

application -> config generator -> slapd -> DB file

This is great; it makes the system network-manageable.  It means not
having to hack applications (such as Apache) to use LDAP for
configuration.

However, there are circumstances where a system might not want to run
slapd, such as a firewall or a low-memory or low-storage system.  The
config generator scripts are run on-demand or scheduled, so there's no
additional overhead required for a resident slapd.

So what we want is something like this:

application -> config generator -> directory

Ideally it would be something like this for simplicity:

application -> config generator -> mini-slapd -> DB files
or
application -> config generator -> libminildap -> DB files

in the case that there's no slapd.

And we would prefer the difference between slapd and no-slapd to be
transparent for the config generators--it can be done through installing a
library, or setting an option in a config file.  It might be best to
insert another layer of abstraction, such as:

application -> config generator -> libconfiggen -> slapd -> DB files
					        -> DB files

However, it would seem simplest to have a library or mini-daemon that, in
absence of slapd, could just handle the DB files directly.  (It would also
be nice if it could use the same DB files as OpenLDAP, so one could
migrate between the two.)

So I'll just have to assume that, for now, no such thing exists?

Wil
-- 
W. Reilly Cooley                         wcooley@nakedape.cc

The LNX System: Linux for a 2U rack.  http://lnxs.org

     Internet Meta-Resources: http://nakedape.cc/meta-res/
	       "All the Net you need to be a geek."

Prev by Date: Simple LDAP service
Next by Date: RE: Simple LDAP service
Index(es):
- Chronological
- Thread