[prev in list] [next in list] [prev in thread] [next in thread]
List: openldap-general
Subject: Re: [ldap] newbie
From: John Kristian <kristian () netscape ! com>
Date: 1999-03-05 19:44:59
[Download RAW message or body]
Maria Holmsten wrote:
> We need a distributed directory service where it is
>
> -easy to create/delete /add new directories, organisationally structured where the \
> container(s) in the tree is to contain a unique username and a couple of other \
> values related to this username.
LDAP does that. A common pitfall is to structure the DIT to model the organizational \
structure; it's better to have a very flat tree, and represent organizational \
affiliations as attributes of the entries. But the latter works fine.
> -easy to dynamically commit a search for a particular username and to quickly be \
> presented the results of the search is a user friendly fashion.
LDAP supports fast and flexible searching, certainly. Many UIs are available for \
LDAP, including the Address Book component of Netscape Communicator, and many others. \
I find some quite good, but it's subjective and dependent on your aims. Try some; \
see what you think.
> - using TCP/IP
LDAP does that.
> - possible to provide privacy to a person who wishes to perform a search for a \
> username without anyone else knowing it..
LDAPS (LDAP over SSL) does that. It is not as widely implemented as plain LDAP, \
however. Plain LDAP is no more private than the TCP connections on which it runs.
Of course, the people who operate the LDAP server (database) can find out who is \
searching for what (by monitoring the server's activity). But I can't conceive of \
any practical system that wouldn't have that property.
> The directory is to be used over networks using TCP/IP and mobile IP.. would this \
> be possible with LDAP?
Yes.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic