[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapi vs ldap

To: Nick Milas <nick@eurobjects.com>
Subject: Re: ldapi vs ldap
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Date: Sat, 17 Mar 2012 01:24:45 +0100
Cc: openldap-technical@openldap.org
In-reply-to: <4F639D88.6020100@eurobjects.com>
References: <4F639D88.6020100@eurobjects.com>
User-agent: Roundcube Webmail/0.4.2

On Fri, 16 Mar 2012 22:07:36 +0200, Nick Milas <nick@eurobjects.com>wrote:

we are replicating locally and applications connect using:
ldap://localhost.

We are considering using ldapi://localhost instead.


ldapi://<URL-escaped socket filename>.  See '-h' in man 8 slapd.

Would there be any performance / reliability pros/cons?


Should be pro, if there is a difference.

Performance: The knowledge that transmitted data was always in your
system's memory might drill deeper into caching/buffering policies.

Reliability: I don't know of any difference.

Security: In addition to ordinary slapd ACLs, you can use filesystem
permissions to control access, and most systemss let you Bind with
SASL/EXTERNAL to get a Bind DN based on the client process' uid/gid.

--
Hallvard

Follow-Ups:
- Re: ldapi vs ldap
  - From: Howard Chu <hyc@symas.com>

References:
- ldapi vs ldap
  - From: Nick Milas <nick@eurobjects.com>

Prev by Date: Re: ACL in dynamic configuration
Next by Date: Re: URI="(null)" DN="" (Was: ldap && rwm && pcache && transparent)
Index(es):
- Chronological
- Thread