Re: [Boston.pm] OT: LDAP

Tue, 07 Dec 2004 11:17:57 -0800 

Thansk Ted and others.
I see that in an environment such as ours (all kinds of platforms), I can 
see a local web-based security manager powered by Perl for maintaining the 
LDAP directory, which then automatically replicates to others.

A problem we have with Active Directory ( :-(  ) is that the replication 
takes a while to accomplish. As I see, Active Directory under the covers 
is LDAP with M$Soft's own extensions. Anyone experienced it with LDAP? 
__________________________________________
Ranga Nathan / CSG
Systems Programmer - Specialist; Technical Services; 
BAX Global Inc. Irvine-California
Tel: 714-442-7591   Fax: 714-442-2840





"Ted Zlatanov" <[EMAIL PROTECTED]>

Sent by: [EMAIL PROTECTED]
12/06/2004 08:16 AM
 
        To:     "Tom Metro" <[EMAIL PROTECTED]>
        cc:     L-boston-pm <[EMAIL PROTECTED]>
        Subject:        Re: [Boston.pm] OT: LDAP


On Fri, 03 Dec 2004, [EMAIL PROTECTED] wrote:

Ted Zlatanov wrote:
>> LDAP is essential if you plan to run a serious mail server.  There's
>> very few alternatives to a well-managed LDAP server for your user
>> user directory.
> 
> There appears to be a trend towards using SQL databases, particularly
> MySQL for this. From a programmer's perspective, rather than a sys 
> admin. perspective, I find it easier to wrap my brain around MySQL.
> 
> I would assume the big functionality you loose out on through the SQL
> approach is that all the mail clients don't know how to query it as a 
> user directory (corporate phone/email directory). I imagine someone has 
> probably written an LDAP-to-SQL gateway that should address that.

LDAP servers can be replicated - it's part of the protocol.  It has
its own query language, etc. so it's really the best choice today for
a company-wide directory because it's the closest thing to a standard
for that purpose.

OpenLDAP specifically has a SQL backend that can talk to MySQL, so no
special gateways are needed.  Depending on the directory size this may
be fine.

Perl can be used to push updates from MySQL to LDAP when they occur,
which is a lot more efficient so you can keep the LDAP directory on
local disk instead of a MySQL database.  This is what I've done at our
site.

Ted
_______________________________________________
Boston-pm mailing list
[EMAIL PROTECTED]
http://mail.pm.org/mailman/listinfo/boston-pm


_______________________________________________
Boston-pm mailing list
[EMAIL PROTECTED]
http://mail.pm.org/mailman/listinfo/boston-pm

Reply via email to