[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Seeking advice on building an application based on LDAP

To: rwheeler@artifact-software.com
Subject: Re: Seeking advice on building an application based on LDAP
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Fri, 10 Dec 2004 08:34:24 -0800
Cc: OpenLDAP-software@OpenLDAP.org
In-reply-to: <41B9C8F0.1020108@artifact-software.com>
References: <41B9C8F0.1020108@artifact-software.com>

As most (if not all) of your questions are not specific to
OpenLDAP Software, your post is off-topic here.  Please
see <http://www.openldap.org/lists/#charter> for the list
charter and pointers to other forums where your questions
are more appropriately discussed.

At 08:04 AM 12/10/2004, Ron Wheeler wrote:
>I am designing an e-learning system that will server many (~100) organizations that each have tens of thousands of employees.
>Each organization can have multiple organizational levels.
>Each organization can have course catalogs at each of the organizational units and each employee will have a personal course catalog and some limited history about courses taken, marks received, certifiactions achieved and courses in progress.
>The organizations may have their own administrators at each level who will be able to sign students up for courses.
>
>The master course catalog in LDAP will have minimal information in it with pointers to external files/database entries (MySQL)
>
>The client will interface to this through Web Services so it will never be exposed to the internet directly. I am hoping that LDAP will be easy to access from Web Services.
>
>It seems possible and looks like it might actually be a "good" idea but I would like to get some expert opinion.
>
> From my reading, it appears that LDAP can be used to hold all kinds of information that has the following characteristics
>1) few updates, many searches
>2) naturally hierarchical
>3) needs scalable repository
>
>I have found some very good help on the web so far.
>The IBM Redbook series was very interesting and helpful. It was a bit confusing because of the customization that they had done to the schema stucture which they treated as part of the standard LDAP functionaility.
>"Understanding and Deploying LDAP Directory Services" by Timothy A. Howes, Mark C. Smith, Gordon S. Good looks like a good book with some sections on customization.
>
>Some of the advantages of using LDAP are:
>1) simple directory style navigation
>2) intrinsic replication and proxy capability for scalability
>3) standards based but customised to the point of unrecognizability
>4) single database for authentication and full user profile
>5) distributed administration built-in to LDAP design
>6) natural ability to handle multiple organizations and multiple organizational units within each organization.
>
>The alternative is to go all custom with everything in a series of MySQL databases.
>
> From this limited thumbnail, what advice can you give me?
>
>1) Am I on the right track?
>2) Does anyone know if anyone has ever done this and created a schema that can be used?
>3)  If I use LDAP, what kind of problems am I going to have? Besides the usual errors
>4) Any design guidelines that you have found useful in the past.
>5) Any good resources for customization of LDAP schemas.
>6) Any good design tools for planning and documenting LDAP structures
>7) Should I care about the backend that LDAP uses?
>
>Thanks
>Ron
>

References:
- Seeking advice on building an application based on LDAP
  - From: Ron Wheeler <rwheeler@artifact-software.com>

Prev by Date: smbk5pwd under 2.2.19?
Next by Date: Re: How-to secure PosixAccount attr ?
Index(es):
- Chronological
- Thread