[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Producing a web directory with LDAP

Quoting Adam de Zoete <AtoZ@dnet.co.uk>:

> Hi,
> Firstly let me say that i'm new to this list and new to LDAP. However 
> i'm looking for a flat file solution (or non-RDBMS) to produce a web 
> directory and am prepared to put in some learning curve in order to 
> be in an appropriate format.

Cool.  We are attempting a re-design based around much the same concept.

> Firstly, could I be looking in the right place with LDAP? Would you 
> have any other suggestions to build something like this?....

I don't think LDAP is commonly thought of for this purpose, but it is by
no means outside the scope of possibility.  We are doing it here because, 
our company changes it's scope on a daily basis, and ldap schemas are far
more flexible and _should_ allow us to integrate new data without spending
as much time re-working the existing parts of the schema.  We also have the
need to replicate localized 'read-only' copies of our data to remote 

> The reason why I am looking at LDAP is because SQL tables can't build 
> the hierarchical structure of a directory easily. I think I need a 
> un-relational solution, with greater speed and flexibility.

Speed here is a consideration.  If your needs are primarily 'read' driven,
LDAP will be an excellent performer.  However, LDAP is not optomized for write
performance and depending on the nature of your content you may notice this.

> I'm looking to build a web directory that can sit on one main server 
> with localized replicas in other countries. At the moment I am 
> imagining running this off either Linux or OS X boxes.

Again, LDAP is excellent for replicating and distributing data across many 
instances/servers.  The thing to consider here is "how accurate (time based)
do my replicants need to be?".  Although LDAP replicates data with ease, it
does not by default attempt "synchronous" updates.  This means you need to be
okay with the fact that some of the slave servers won't be 100% accurate 100%
of the time.  But the emphasis with LDAP is "the data WILL propigate"

> I have some relational data that is based on the directory. In some 
> articles online it claims that LDAP can't handle relational data, or 
> that it's simply not tailored for updating data on the fly. Can you 
> suggest ways of handling various relational bits of data, for one 
> example, hit-counters? Or any data that needs to be updated 
> regularly? (None of the data needs to be accurate to the second or is 
> time sensitive)

Ahh, there you go.  If 'time' accuracy is a allowable sacrifice, you are on
the right path.  It is not entirely true that LDAP doesn't handle relational
data.  Using aliases and objectclasses you can acomplish _MOST_ functionality
that you would expect from a full relational database.  The main difference
is you have to 're-train' yourself to think of your data (and schema) in a 
heirarchical manner.  Most problems will have a viable solution in both 
relational and heirarchical thought.

> The content should be more than a few million entries and I need fast 
> and flexible multiple field searching.

LDAP can handle this load, provided the 'write' events don't slow you down.
LDAP searches can be blazingly fast when you set up your indexes correctly. 
But, peforming writes requires these indexes to be updated.  Another benefit
here is that you can EASILY chop off whole sub-trees and put them on dedicated
servers without having to alter queries.  This allows for quite a bit of room
to grow.

> Can anyone suggest whether LDAP is firstly capable of the above and 
> secondly the the correct format for holding/searching such 
> information in such quantity?

Capable, yes i'm pretty sure.  Correct, that is harder to say for certain.

> Can it be easily integrated into other networks/systems?

Alot of things talk to ldap.  But if you have to customize your schema too 
much away from RFC objectclasses and attributes, you will break some of 
this built in interoperability.  Certain clients only are "aware" of certain
types of LDAP data, such as "contact information" etc.

> What is your suggestion for the ideal middle-ware for use with LDAP?

Not sure what you mean by middle-ware.  GUI administration tool?  Web interface?

> Should I use OpenLDAP Server or use the built in LDAPv3 in OS 10.2?
> Know of any examples of LDAP on the web I could look at?
> Is the learning curve steep?

Somewhat.  The biggest thing to get your head around is the 're-training' part i
mentioned.  You have to get your mind into LDAP directory mode before you really
set in on how all your data should exist in the tree.

> Any information would be greatly appreciated,
> Many thanks,
> Adam

Ryan T. Gallagher
International Studies Abroad