Craig White wrote:
I suppose I don't understand what you are saying. Are you saying that some of the LDAP servers are not compliant with RFCs for LDAP? Which ones? How?
No, I'm saying that there should have been standardized schemas eons ago for the things that everyone needs to store and all implementations should interoperate at that level.
Why? Because Les says so?
Well, if you prefer to wait for Microsoft to dictate a standard...
LDAP is not one configuration fits all...everyone has their way of doing things from SunDS to Fedora-DS to SuSE/eDirectory to Microsoft. Deal with it.
Sure, vendor lock-in exists. But that's why we need standards. It isn't any better for people to make up different stuff in LDAP schemas than it is HTML tags.
Your argument ignores the fact that LDAP exists not to provide authentication but to provide directory services. It is entirely possible if not logical to use LDAP and not provide user authentication.
Sure, and you can make up new stuff in HTML if your goal is to prevent interoperability. And that's been done too.
As for people not wanting to understand LDAP, that's their choice and I wish them luck. If you want a pre-configured LDAP that's always the same for every installation, check out Active Directory. It doesn't get any easier to implement LDAP on Active Directory if you don't understand it.
Can you ship something pre-configured to work with Active Directory? Why should more than one person have to 'implement' it? If it works in one place, won't the same implementation work elsewhere?
system-config-authentication - that's a tool you can use to configure any computer to use AD or LDAP or whatever authentication service you choose. Macintosh has a similar tool for configuration.
I don't want 'whatever' service, I want an interoperable service. If I say LDAP there, where's the matching server?
It's only a problem for people that don't want to understand LDAP. Always the same arguments from the same people that want to use LDAP and never understand anything about it.
If you have to understand it, then it isn't ready to use. XML has the same problem if you want to use it for anything. That's why people use HTML where a standards body took something from being a toolbox with potential and made it useful. I can use HTML between two more or less arbitrary client and programs and have mostly predictable results. Why can't that be the case for LDAP?