[SASAG] OpenLDAP vs other directory services?
atom.powers at gmail.com
Thu Apr 6 11:01:50 PDT 2006
On 4/6/06, Mark Foster <mark at foster.cc> wrote:
> Atom Powers wrote:
> > What are your experiences with directory services?
> > Are there any decent open source solutions that can tie together *nix and samba?
> I use openldap 2.0.27 with phpLDAPadmin 0.9.7.2 and sometimes gq.
> By itself openldap has only command-line tools for manipulating the
> directory data. I've been pretty happy with phpldapadmin although it has
> it's quirks. It does appear to support Samba domains, users, groups and
> machines but I haven't used them.
This is what I'm currently running. The problems are many.
phpLDAPadmin is a good tool for editing the raw LDAP data, but it is
useless when looking up, for instance, which groups a user is a member
of or creating the home directory when a new user is added.
The usefullness of OpenLDAP is very dependent on your schema. OpenLDAP
only has very basic pre-built schemas; it's up to me to build schemas
to do just about everything from Samba domain support to email lists
etc. Building a schema that has all the right attributes to work with
our wide range of systems and basic enough to be manageable is a lot
of work. As a relust our current schema is ... crap.
Perfection is just a word I use occasionally with mustard.
More information about the Members