[Date Prev][Date Next]
Re: Seeking advice on building an application based on LDAP
As most (if not all) of your questions are not specific to
OpenLDAP Software, your post is off-topic here. Please
see <http://www.openldap.org/lists/#charter> for the list
charter and pointers to other forums where your questions
are more appropriately discussed.
At 08:04 AM 12/10/2004, Ron Wheeler wrote:
>I am designing an e-learning system that will server many (~100) organizations that each have tens of thousands of employees.
>Each organization can have multiple organizational levels.
>Each organization can have course catalogs at each of the organizational units and each employee will have a personal course catalog and some limited history about courses taken, marks received, certifiactions achieved and courses in progress.
>The organizations may have their own administrators at each level who will be able to sign students up for courses.
>The master course catalog in LDAP will have minimal information in it with pointers to external files/database entries (MySQL)
>The client will interface to this through Web Services so it will never be exposed to the internet directly. I am hoping that LDAP will be easy to access from Web Services.
>It seems possible and looks like it might actually be a "good" idea but I would like to get some expert opinion.
> From my reading, it appears that LDAP can be used to hold all kinds of information that has the following characteristics
>1) few updates, many searches
>2) naturally hierarchical
>3) needs scalable repository
>I have found some very good help on the web so far.
>The IBM Redbook series was very interesting and helpful. It was a bit confusing because of the customization that they had done to the schema stucture which they treated as part of the standard LDAP functionaility.
>"Understanding and Deploying LDAP Directory Services" by Timothy A. Howes, Mark C. Smith, Gordon S. Good looks like a good book with some sections on customization.
>Some of the advantages of using LDAP are:
>1) simple directory style navigation
>2) intrinsic replication and proxy capability for scalability
>3) standards based but customised to the point of unrecognizability
>4) single database for authentication and full user profile
>5) distributed administration built-in to LDAP design
>6) natural ability to handle multiple organizations and multiple organizational units within each organization.
>The alternative is to go all custom with everything in a series of MySQL databases.
> From this limited thumbnail, what advice can you give me?
>1) Am I on the right track?
>2) Does anyone know if anyone has ever done this and created a schema that can be used?
>3) If I use LDAP, what kind of problems am I going to have? Besides the usual errors
>4) Any design guidelines that you have found useful in the past.
>5) Any good resources for customization of LDAP schemas.
>6) Any good design tools for planning and documenting LDAP structures
>7) Should I care about the backend that LDAP uses?