wanted: alternative to LDAP

John Baxter news.collectivize at scandaroon.com
Mon Aug 11 17:22:31 EDT 2003 

In article <mailman.1060593917.22756.python-list at python.org>,
 Gerhard Haring <gh at ghaering.de> wrote:

> Anthony Baxter wrote:
> > I'm looking for something (usable from python) that provides networked
> > directory/registry type functionality to a bunch of Linux and Solaris 
> > servers.
> > LDAP's one alternative, but the LDAP servers are heavy heavy beasts, so I 
> > was
> > hoping for something that's actually lightweight, rather than "lighter than
> > X.500".
> 
> The term "leightweight" doesn't say much to me. I don't care if a 
> process takes 1 or 2 MB ;-) What I do care about is ease of 
> configuration and that's why I use PostgreSQL in places other people use 
> LDAP: system users, mail accounts, mail forwarding, domain management, 
> etc. for a virtual hosting solution.
> 
> The reason for going to an RDBMS instead of LDAP were for me:
> 
> a) I know relational databases quite well
> b) I know some LDAP, but always found it a pain to work with
> c) The open source tools for editing LDAP data are quite weak
> 
> The only advantage LDAP would have over a RDBMS to me is that OpenLDAP 
> seems to have integrated replication mechanisms.

We use LDAP for several "simple" things having to do with user 
authentication, existence of mail boxes, etc.

We use MySQL for many other things where designing LDAP looked too hard 
to the people doing the work (not me).

Both openLDAP and MySQL provide for replication.  MySQL's seems to just 
work...we've installed a monitor system to ensure that the LDAP 
replication is working (change a comment field in a designated record, 
wait a few seconds, and verify that the change is on each slave server).  
We "catch" openLDAP corrupting its database now and then (less 
frequently in the current version that before), and sometimes catch it 
refusing to talk until restarted, even though the database isn't corrupt.

(slapd refuses to start if the database is corrupt...that's our cue that 
it's time to rebuild).

Suggest you design your client programs so that if the primary server 
doesn't respond (the bind fails) the program will try other servers 
until one does...that feature of Exim has proven quite useful.  
Unfortunately, our POP/IMAP server doesn't do that.
> 
> I reckon you wouldn't call an RDBMS more leightweight than LDAP, but I 
> don't think there are many alternatives apart from LDAP and RDBMS. Well, 
> there's NIS if for some reason you didn't know about it, yet :)
> 

I've only used NIS somewhat "passively" on Mac OS X (a one-machine 
"network").  We don't run it.  It looks tempting.

  --John

-- 
Email to above address discarded by provider's server.  Don't bother sending.

More information about the Python-list mailing list