On Wed, 2009-11-04 at 18:24 -0500, Brian Mathis wrote:
You're getting dangerously close to saying "Everything you need to know is in the source code", or more succinctly, "RTFM and piss off". No one is saying that people shouldn't understand how LDAP works, but there's a world of difference between understanding how to install LDAP or make a query, and understanding the implications of everything you can do with it.
Understanding LDAP has absolutely nothing to do with how to USE LDAP. Knowing how to USE it is a people/organization problem, not a technical one. You need to adjust your focus to a higher level discussion than what you are having. This is not about the implementation details, it's about the higher-level structure.
Additionally, the fact that you have had to do things in multiple different ways in different offices only proves the point here. Does every application really need a completely custom structure? It might be nice for the billable hours, but my guess is that most of those offices could probably fit within a common schema, or at least a common schema used as a starting point for customization.
P.S. If LDAP was never designed to do user auth, it doesn't matter. Pretty much everyone uses it that way, so get over it.
----
I'm not having any problem with LDAP - it works for me. I have nothing to get over.
Fedora-DS and CentOS-DS are configured by default to use a particular setup for Users and Groups. I have used both OpenLDAP and Fedora-DS and they both work fine. If you think that OpenLDAP suffers from a particular lack of 'higher level structure', then you should probably address the authors of the software (good luck).
Kwan Lowe says you can install RedHat-DS (and by inference CentOS-DS) and configure server and replication in under an hour...what's everyone griping about?
Craig