Mike Meyer wrote:
In <[EMAIL PROTECTED]>, Vulpes Velox <[EMAIL PROTECTED]> typed:
LDAP is nice organizing across many systems, but if you are just
dealing with one computer it is complete over kill for any thing.
In that situation, it's not merely overkill, it's may actually be a
bad idea. Can you say "AIX SDR"? How about "Windows registry"?
Those system both took the approach of putting all the configuration
information in a central database. This creates problems because the
tools needed to examine/fix the config database require a complex
environment - at least compared to a statically linked copy of
ed. LDAP may not be so bad, but it still makes me nervous.
On the other hand, if you've got a flock of boxes to manage, having a
way to tell the rc subsystem "Go read config values from this LDAP
server" seems like a very attractive alternative.
<mike
Ok, so the general consensus seems to be that it's a good idea in some
cases and not in others. I myself agree that it should not be part of
the base setup for issues regarding the complication of the base
distribution... but why not make a package for it?
Take this idea, and run with it... build a package that installs over
the base installation, bundling the LDAP client libs, new rc structure,
tools, etc all in one shot. Add it to the ports collection and call it
done. - After all that's the wonder that is opensource... if ya want to
improve something, go for it - even better if you can contribute your
additions back to the community.
I think it could be the start of something really handy for those out
there managing large banks of servers... a central configuration
repository, key-based or something where you take a freshly installed
server, and point it to a config 'key', reboot and poof! That server
goes down, simply tell a spare one to use it's config 'key' and reboot -
back up and running :) You'd get all the redundancy of LDAP, the
organization of a directory tree, and the simplicity of uniform
configuration information. This of course with some assumptions about
storage and backup situations, but hey - it's an idea not a reality here
I'm talking about.
Anyways... without digressing way too much, my point was this: if
there's enough people interested in the idea, then collaborate and by
all means try to make something of it. If it works out well, lots of
people start adopting it, THEN we (the FreeBSD community) should look at
including it as part of the base... until then, make it as a bundled
package or something. I'm using LDAP here for users, groups, email and
account information shared to many servers - and it works great, but
it's certainly not for everyone and I'd never expect it to come
out-of-the box with everything required to do so. Have to weigh the
benefits against the costs.
This thread keeps arguing the good or the bad points of doing this - and
it seems to me not something worth arguing the merits of. If you believe
in it enough, then do it or at least try it. Lets move on from if we
should or shouldn't, and look more to HOW we could...
Just my two and a half cents.
--
Nathan Vidican
[EMAIL PROTECTED]
Windsor Match Plate & Tool Ltd.
http://www.wmptl.com/
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
