
Re: how do YOU use LDAP?

> IMHO, a single directory service is THE advantage.

	Eggs.  Basket.

	The difference between many servers vs. one server is purely
administrative; the client apps could care less whether your directory is
serving a million other uses, or whether several other
directories are also running on your network.  The answer to your question
is a question: How does your organization split the administration of
things like LDAP servers?

	If your organization is set up such that teams/departments are
responsible for their own servers, then multiple servers for smaller teams
is clearly the most appropriate.  The dev team probably doesn't want the
marketing team futzing with their LDAP server, and vice versa.

	If your organization is set up with a centralized NOC, with
trained administrative personnel, server monitoring,
replications/failover/load balancing for H.A., strong security (meaning
intrusion detection systems and outside consultants paid to audit your
network), a helpdesk, and a documented process for making changes,
updates, and additions to the organizational infrastructure, then the
choice is obvious: a mega-server to serve everyone.

	In my experience, the politics, budget wars, "resource" wars, etc.
that come with a centralized NOC are not worth the efficiency gained in
having only one configuration to maintain.  I have been on both the
receiving end, and the giving end (not by choice), of giving other
departments answers like "I'm sorry, we don't have resources allocated for
your project.  Please fill out the following form in triplicate so upper
management can prioritize your project with relationship to the other
projects on our plate."  In mid- to large- corporate settings, it is
always faster and more efficient (in my experience) to just set up your
own LDAP server and not tell anyone about it than it is to wait for the
I.T. department to help you -- because the I.T. department is always
overworked, understaffed, and not given any budget because they never
bring in any money.

	This is what I observed over three mid- to large- sized companies
I worked at during the dot com era.  One was bought out cheap, one was
bought out by a competitor and then shut down, and one is still around but
has appeared on FuckedCompany.com more than once.  A setting like a
University, ISP, or multinational corporation is of course very