Hi Oliver, My only concern about OpenLDAP would be the push back from management. We already have administrators for Sun and MS stuff, why introduce something else? But that's another discussion all together.
As far as the web interfaces, do you have any suggestions? I must not be using the right search words, because all I'm able to find is eGuide, and a lot of stuff that lets you administer it (phpLDAPadmin, JXplorer, etc). As for the printable report, you're right; it should be fairly simple to script. I'm beginning to see that heading down the MS path just gets us more and more locked in. We looked at using the otherTelephone, but that's just another attribute that not every client acknowledges. In any case, thank you very much for your insight. -Jimmy -----Original Message----- From: Olivier Rademakers [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 02, 2007 3:55 PM To: Jimmy Liang Cc: [email protected] Subject: Re: [ldap] Question on Hi, First of all, from any choice of LDAP servers, I would definitely choose an OpenLDAP server. I have run both SUN Iplanet DS and OpenLDAP servers and there's no question about it...if you want speed, flexibility, (free) support from the community, reliability, and did I say SPEED? :-) For your web interface, there are several very good projects out there, but you may indeed want to write your own using the language that your IT masters best. I found it to be the best way to suit our needs and requirements. Your savvy tech people need to learn the CLI ldap tools and perl (w/ Net::LDAP). Leave the web interface for helpdesk support and users. If the printable report of your directory is let's say an extraction to an XL file, this could easily be accomplished by a perl script (~15 minutes development time). For what you should be using attribute-wise, is really up to you. You could also have both the complete address in the postalAddress attribute AND the addresses separated in street, city and st attributes. That way a query on who resides in "this city" will be easier than to parse the postalAddress attribute. RFC's are not a big deal apparently for Microsoft, thus their mono valued telephoneNumber attribute. They do have otherPhone I believe which is multi valued... Stick to the standards and forget Microsoft. Schema updates are always fun on an Active Directory; there's no going back! Gives you the impression of doing something drastic. "What if I was doing something wrong?". OpenLDAP schema updates are trivial. A walk in the park... There are a million other reasons for choosing OPENLdap over M$; logging, some really cool overlays and modules, ease of use and administration etc... I hope my completely unbiased advice helps you :-) Olivier --- You are currently subscribed to [email protected] as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
