[Date Prev][Date Next]
One of the things we're currently working on is hacking together something
to support automatic updates of our non-LDAP-aware tools and to implement
certain business logic rules for our own directory. So, for instance, when
an entry aquires an ou of FOO, we would like to add their mail attribute
(if any) to the mailing list that happens to be associated with foo and
also add an ou: bar attribute to their entry. We've come up with a number
1. Have something periodically crawl the directory and notice changes.
2. Have something periodically scrape a logfile to get changes.
3. Use back-perl (with back-bdb replicas for reading).
4. Write data somewhere else first with custom tools, then sync to LDAP.
5. Write a limited back-perl and make that a replica of the main server.
Unless I have grossly misread the documentation (which is, I must admit, a
possibility) there isn't an Apache-like module syntax whereby I could
manipulate data and then hand it to a pre-existing backend (although some
of our goals might be achievable with back-meta). We thought about just
patching the code, but of course that rapidly becomes less manageable if
we want to stay up-to-date (which we do).
So, we're currently leaning towards #5, but would be interested to know if
there is a better way of implementing this using OpenLDAP (since other
people have presumably done this kind of thing in the past).
Database Applications Developer
Information Technology Services - Harvard Law School
Omnia Mutantur, Nihil Interit