Hi all,

I've been scouring the web for documentation on LDAP, and I'm really
having trouble finding anything very useful.  One article I read over at
O'Reilly even said that there's relatively little documentation out

What I'd like to understand is this:

A client has their environment set up to use NIS, DNS, DHCP and all
kinds of other stuff.  They have a database for some user information as
well, which means they have to write code every time they want to
provide another service, and getting mail clients to integrate and
single sign on to work is simply not possible.  It seemed logical to me
that LDAP might enable them to integrate more services with less code,
and if they do write code, they'll have a unified interface to go
against, and they won't have to embed SQL in there.

They also have an inventory database that is relatively static that
looks like an absolute shoo-in for LDAP.

My questions are not only 'is this possible' - every article I've read
says that it is - but WHERE the HECK do I START?  

I was happy to learn that the OID scheme is the same as SNMP, which I'm
really familiar with.  However, I'm having trouble reading through and
understanding how to extend objects that already exist, how to create my
own, when to do either of the aforementioned, and I'm even a little lost
at times with reading the LDIF files, because I don't know this part of
the ASN.1 tree that well.  For example, there are attribute types from
the part, and some others (in the core.schema I think)
that say something like  Where are these coming from?  

Also, the search tools and stuff don't seem very robust.  Is there a way
I can put slapd in some sort of debug mode where it'll show me
everything in the tree, or show me the relationships between the
objects?  How do I create these relationships?  For example, if I have a
user directory that keeps track of internal clubs a user belongs to, can
I make a user object be the parent of one or more 'club' objects?  The
clubs are small, so it wouldn't warrant putting the club at the top of
some tree.

In addition, there are people in that organization who have security
concerns about LDAP.  Unfortunately, I can't find any docs on this
aspect of LDAP either.

LINKS!!!!  Any links are begged for.  I'm not too lazy to RTFM - I've
read a few RFCs already and a million articles which have convinced me
that this is the right way to do certain things - now I need to know

Appreciate any response to this cry for help.

Brian K. Jones
System Administrator
Dept. of Computer Science, Princeton University
Voice: (609) 258-6080