-Title: Time to replace the LDAP schemas in RFC 2307
-Tags: nuug, english, debian edu, debian
-Date: 2009-03-29 12:00
-Publish: 2010-01-01
+Title: Time for new LDAP schemas replacing RFC 2307?
+Tags: nuug, english, debian edu, debian, ldap
+Date: 2009-03-29 20:30
-The state of standardized LDAP schemas on Linux is far from optimal.
-In Debian Edu, we would like to store information about users, SMB
-clients/hosts, filegroups, netgroups (users and hosts), DHCP and DNS
-configuration, and LTSP configuration in LDAP. These objects have a
-lot in common, but with the current LDAP schemas it is not possible to
-have one object per entity. For example, one need to have at least
-three LDAP objects for a given computer, one with the SMB related
-stuff, one with DNS information and another with DHCP information. In
-addition, it is impossible to implement quick queries for netgroup
-membership, because of the way NIS triples are implemented. I believe
-it is time for a few RFC specifications to cleam up this mess. The
-old RFC 2307 do not scale when it comes to netgroups, and the schema
-used by DNS servers and DHCP servers do not integrate properly with
-RFC 2307 and each other.
+<p>The state of standardized LDAP schemas on Linux is far from
+optimal. There is RFC 2307 documenting one way to store NIS maps in
+LDAP, and a modified version of this normally called RFC 2307bis, with
+some modifications to be compatible with Active Directory. The RFC
+specification handle the content of a lot of system databases, but do
+not handle DNS zones and DHCP configuration.</p>
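Review bot: The added sentence "The RFC specification handle the content of a lot of system databases, but do not handle DNS zones and DHCP configuration" has a subject-verb mismatch; suggest "The RFC specifications handle ... but do not handle ...". Separately, this paragraph's closing </p> is followed directly by the next <p>, while a blank line is added between the second and third paragraphs; use one paragraph-separation convention throughout.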
-I would like to have one computer object representing each computer in
+<p>In <a href="http://www.skolelinux.org/">Debian Edu/Skolelinux</a>,
+we would like to store information about users, SMB clients/hosts,
+filegroups, netgroups (users and hosts), DHCP and DNS configuration,
+and LTSP configuration in LDAP. These objects have a lot in common,
+but with the current LDAP schemas it is not possible to have one
+object per entity. For example, one need to have at least three LDAP
+objects for a given computer, one with the SMB related stuff, one with
+DNS information and another with DHCP information. The schemas
+provided for DNS and DHCP are impossible to combine into one LDAP
+object. In addition, it is impossible to implement quick queries for
+netgroup membership, because of the way NIS triples are implemented.
+It just do not scale. I believe it is time for a few RFC
+specifications to cleam up this mess.</p>
+
+<p>I would like to have one LDAP object representing each computer in
the network, and this object can then keep the SMB (ie host key), DHCP
(mac address/name) and DNS (name/IP address) settings in one place.
-It need to be efficently stored to make sure it scale well.
+It need to be efficently stored to make sure it scale well.</p>
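Review bot: The typos "cleam up" and "efficently" from the removed lines are carried over unchanged into the added lines ("specifications to cleam up this mess", "It need to be efficently stored"); correct them to "clean up" and "efficiently" while these paragraphs are being rewritten. The new "It just do not scale" also drops the subject the old text had ("The old RFC 2307 do not scale when it comes to netgroups"), so the reader cannot tell whether "It" means the netgroup triples or the combined DNS/DHCP schemas; name the thing that does not scale.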
-I would also like to have a quick way to map from a user or computer
-and to the net group this user or computer is a member.
+<p>I would also like to have a quick way to map from a user or
+computer and to the net group this user or computer is a member.</p>
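Review bot: In the added sentence "map from a user or computer and to the net group this user or computer is a member", the "and" is stray and "net group" is written "netgroup" in the earlier paragraphs of this post. Suggest "map from a user or computer to the netgroups it is a member of", which also keeps the term consistent with "netgroups (users and hosts)" above.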
-Active Directory have done a better job than unix heads like myself in
-this regard. Time to start a new IETF work goup?
+<p>Active Directory have done a better job than unix heads like myself
+in this regard, and the unix side need to catch up. Time to start a
+new IETF work group?</p>