[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: issue w/ LDAP that I have encountered

--On Thursday, July 06, 2006 3:03 PM -0500 "Derek R." <derekr@tlc2.uh.edu> wrote:

Thanks for your reply.  The only reason the db is expendable is because
I'm setting it up right now, so it won't be expendable once it's
populated w/ LDAP data.  The reason I have chosen an SQL-based solution
is because we are planning on integrating all of the data in LDAP ( user
account info, user organizational data, DNS records, DHCP, etc. ) w/
ticket-tracking and other management software, and we have decided that
an SQL solution offers us the best interoperability as well as the widest
range of choices should we need to move to a different DB later on.
I appreciate the tip on using the Heimdal implementation.  Should I
encounter any issues in my initial testing, I will try Heimdal out.
However, right now I'm just trying to get things working, and if I have
time ( before my deadline, which is creeping inexorably closer ) I will
do performance testing and tuning.

This is all my opinion, so please don't take any offense... ;)

I would re-examine your premises on this. The back-sql stuff is still fairly experimental from all the development I see going on with it, and it is magnitudes slower than back-{hb}db. If you are wanting to run an *LDAP* service, I would highly advise using one of those two backends.

At Stanford, we have what are probably very similar data source issues, ticket integration, etc, that you do. Our solution was to do the following:

(1) Have a central RDBMS that stores the data
(2) Have a process that takes that data, converts it to LDIF, and writes it to the LDAP master

This allows much easier data audit/cleanup/integration, etc, while allowing us to have a high-performance, high-availability LDAP cluster.

I presented some on how things work @ Stanford at ODD#3, you can find it at:



Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html