On Wed, 2007-05-23 at 13:41 -0600, Kenneth Burgener wrote: > Do you have suggestions on how to avoid LDAP schema nightmares?
I haven't ever had any nightmares of this sort. I've even built my own custom schemas. I've had problems over the years when OpenLDAP moved to strict schema-checking. Also for the longest time the Samba stock schemas were invalid, but that's fixed now with Samba3. Samba also ships with some nice perl utilities for setting up ldap users with samba fields. > The > problem we ran into in the past with trying to use an LDAP server for a > single sign on solution is this application used a different schema than > this application, and so on and so on. And updating entries or adding > to the schema was a technical nightmare. The only lightweight thing > about LDAP is communication protocol. Administration of LDAP is FAR > from lightweight. In addition to the portability, and maintenance > issues, I also have heard that there are numerous security issues with > LDAP as well. > > > /* > PLUG: http://plug.org, #utah on irc.freenode.net > Unsubscribe: http://plug.org/mailman/options/plug > Don't fear the penguin. > */ > /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
