The state of standardized LDAP schemas on Linux is far from +optimal. There is RFC 2307 documenting one way to store NIS maps in +LDAP, and a modified version of this normally called RFC 2307bis, with +some modifications to be compatible with Active Directory. The RFC +specification handle the content of a lot of system databases, but do +not handle DNS zones and DHCP configuration.
+ +In Debian Edu/Skolelinux, +we would like to store information about users, SMB clients/hosts, +filegroups, netgroups (users and hosts), DHCP and DNS configuration, +and LTSP configuration in LDAP. These objects have a lot in common, +but with the current LDAP schemas it is not possible to have one +object per entity. For example, one need to have at least three LDAP +objects for a given computer, one with the SMB related stuff, one with +DNS information and another with DHCP information. The schemas +provided for DNS and DHCP are impossible to combine into one LDAP +object. In addition, it is impossible to implement quick queries for +netgroup membership, because of the way NIS triples are implemented. +It just do not scale. I believe it is time for a few RFC +specifications to cleam up this mess.
+ +I would like to have one LDAP object representing each computer in +the network, and this object can then keep the SMB (ie host key), DHCP +(mac address/name) and DNS (name/IP address) settings in one place. +It need to be efficently stored to make sure it scale well.
+ +I would also like to have a quick way to map from a user or +computer and to the net group this user or computer is a member.
+ +Active Directory have done a better job than unix heads like myself +in this regard, and the unix side need to catch up. Time to start a +new IETF work group?
+ +