]> pere.pagekite.me Git - homepage.git/blob - blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
projects / homepage.git / blob
? search:


2da5bfdfb1695474027bae29143e4658f05b04c0
[homepage.git] / blog / Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
4 <head>
5 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
6 <title>Petter Reinholdtsen: Time for new LDAP schemas replacing RFC 2307?</title>
7 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/style.css" />
8 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/vim.css" />
9
10
11 </head>
12 <body>
13 <div class="title">
14 <h1>
15 <a href="http://people.skolelinux.org/pere/blog/">Petter Reinholdtsen</a>
16
17 </h1>
18
19 </div>
20
21
22 <div class="entry">
23 <div class="title">Time for new LDAP schemas replacing RFC 2307?</div>
24 <div class="date">29th March 2009</div>
25 <div class="body"><p>The state of standardized LDAP schemas on Linux is far from
26 optimal. There is RFC 2307 documenting one way to store NIS maps in
27 LDAP, and a modified version of this normally called RFC 2307bis, with
28 some modifications to be compatible with Active Directory. The RFC
29 specification handle the content of a lot of system databases, but do
30 not handle DNS zones and DHCP configuration.</p>
31
32 <p>In <a href="http://www.skolelinux.org/">Debian Edu/Skolelinux</a>,
33 we would like to store information about users, SMB clients/hosts,
34 filegroups, netgroups (users and hosts), DHCP and DNS configuration,
35 and LTSP configuration in LDAP. These objects have a lot in common,
36 but with the current LDAP schemas it is not possible to have one
37 object per entity. For example, one need to have at least three LDAP
38 objects for a given computer, one with the SMB related stuff, one with
39 DNS information and another with DHCP information. The schemas
40 provided for DNS and DHCP are impossible to combine into one LDAP
41 object. In addition, it is impossible to implement quick queries for
42 netgroup membership, because of the way NIS triples are implemented.
43 It just do not scale. I believe it is time for a few RFC
44 specifications to cleam up this mess.</p>
45
46 <p>I would like to have one LDAP object representing each computer in
47 the network, and this object can then keep the SMB (ie host key), DHCP
48 (mac address/name) and DNS (name/IP address) settings in one place.
49 It need to be efficently stored to make sure it scale well.</p>
50
51 <p>I would also like to have a quick way to map from a user or
52 computer and to the net group this user or computer is a member.</p>
53
54 <p>Active Directory have done a better job than unix heads like myself
55 in this regard, and the unix side need to catch up. Time to start a
56 new IETF work group?</p>
57 </div>
58
59 <div class="tags">Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>.</div>
60
61
62 </div>
63
64
65
66
67 <div id="sidebar">
68
69
70
71 <h2>Archive</h2>
72 <ul>
73
74 <li>2014
75 <ul>
76
77 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/01/">January (2)</a></li>
78
79 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/02/">February (3)</a></li>
80
81 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/03/">March (8)</a></li>
82
83 <li><a href="http://people.skolelinux.org/pere/blog/archive/2014/04/">April (1)</a></li>
84
85 </ul></li>
86
87 <li>2013
88 <ul>
89
90 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/01/">January (11)</a></li>
91
92 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/02/">February (9)</a></li>
93
94 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/03/">March (9)</a></li>
95
96 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/04/">April (6)</a></li>
97
98 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/05/">May (9)</a></li>
99
100 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/06/">June (10)</a></li>
101
102 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/07/">July (7)</a></li>
103
104 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/08/">August (3)</a></li>
105
106 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/09/">September (5)</a></li>
107
108 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/10/">October (7)</a></li>
109
110 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/11/">November (9)</a></li>
111
112 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/12/">December (3)</a></li>
113
114 </ul></li>
115
116 <li>2012
117 <ul>
118
119 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/01/">January (7)</a></li>
120
121 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/02/">February (10)</a></li>
122
123 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/03/">March (17)</a></li>
124
125 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/04/">April (12)</a></li>
126
127 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/05/">May (12)</a></li>
128
129 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/06/">June (20)</a></li>
130
131 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/07/">July (17)</a></li>
132
133 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/08/">August (6)</a></li>
134
135 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/09/">September (9)</a></li>
136
137 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/10/">October (17)</a></li>
138
139 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/11/">November (10)</a></li>
140
141 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/12/">December (7)</a></li>
142
143 </ul></li>
144
145 <li>2011
146 <ul>
147
148 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/01/">January (16)</a></li>
149
150 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/02/">February (6)</a></li>
151
152 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/03/">March (6)</a></li>
153
154 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/04/">April (7)</a></li>
155
156 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/05/">May (3)</a></li>
157
158 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/06/">June (2)</a></li>
159
160 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/07/">July (7)</a></li>
161
162 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/08/">August (6)</a></li>
163
164 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/09/">September (4)</a></li>
165
166 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/10/">October (2)</a></li>
167
168 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/11/">November (3)</a></li>
169
170 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/12/">December (1)</a></li>
171
172 </ul></li>
173
174 <li>2010
175 <ul>
176
177 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/01/">January (2)</a></li>
178
179 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/02/">February (1)</a></li>
180
181 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/03/">March (3)</a></li>
182
183 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/04/">April (3)</a></li>
184
185 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/05/">May (9)</a></li>
186
187 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/06/">June (14)</a></li>
188
189 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/07/">July (12)</a></li>
190
191 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/08/">August (13)</a></li>
192
193 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/09/">September (7)</a></li>
194
195 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/10/">October (9)</a></li>
196
197 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/11/">November (13)</a></li>
198
199 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/12/">December (12)</a></li>
200
201 </ul></li>
202
203 <li>2009
204 <ul>
205
206 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/01/">January (8)</a></li>
207
208 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/02/">February (8)</a></li>
209
210 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/03/">March (12)</a></li>
211
212 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/04/">April (10)</a></li>
213
214 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/05/">May (9)</a></li>
215
216 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/06/">June (3)</a></li>
217
218 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/07/">July (4)</a></li>
219
220 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/08/">August (3)</a></li>
221
222 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/09/">September (1)</a></li>
223
224 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/10/">October (2)</a></li>
225
226 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/11/">November (3)</a></li>
227
228 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/12/">December (3)</a></li>
229
230 </ul></li>
231
232 <li>2008
233 <ul>
234
235 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/11/">November (5)</a></li>
236
237 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/12/">December (7)</a></li>
238
239 </ul></li>
240
241 </ul>
242
243
244
245 <h2>Tags</h2>
246 <ul>
247
248 <li><a href="http://people.skolelinux.org/pere/blog/tags/3d-printer">3d-printer (13)</a></li>
249
250 <li><a href="http://people.skolelinux.org/pere/blog/tags/amiga">amiga (1)</a></li>
251
252 <li><a href="http://people.skolelinux.org/pere/blog/tags/aros">aros (1)</a></li>
253
254 <li><a href="http://people.skolelinux.org/pere/blog/tags/bankid">bankid (4)</a></li>
255
256 <li><a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin (8)</a></li>
257
258 <li><a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (14)</a></li>
259
260 <li><a href="http://people.skolelinux.org/pere/blog/tags/bsa">bsa (2)</a></li>
261
262 <li><a href="http://people.skolelinux.org/pere/blog/tags/chrpath">chrpath (2)</a></li>
263
264 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (95)</a></li>
265
266 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (146)</a></li>
267
268 <li><a href="http://people.skolelinux.org/pere/blog/tags/digistan">digistan (10)</a></li>
269
270 <li><a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook (10)</a></li>
271
272 <li><a href="http://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
273
274 <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (242)</a></li>
275
276 <li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (21)</a></li>
277
278 <li><a href="http://people.skolelinux.org/pere/blog/tags/fildeling">fildeling (12)</a></li>
279
280 <li><a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture (12)</a></li>
281
282 <li><a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox (7)</a></li>
283
284 <li><a href="http://people.skolelinux.org/pere/blog/tags/frikanalen">frikanalen (11)</a></li>
285
286 <li><a href="http://people.skolelinux.org/pere/blog/tags/intervju">intervju (40)</a></li>
287
288 <li><a href="http://people.skolelinux.org/pere/blog/tags/isenkram">isenkram (7)</a></li>
289
290 <li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (18)</a></li>
291
292 <li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (9)</a></li>
293
294 <li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (7)</a></li>
295
296 <li><a href="http://people.skolelinux.org/pere/blog/tags/ltsp">ltsp (1)</a></li>
297
298 <li><a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network (8)</a></li>
299
300 <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (26)</a></li>
301
302 <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (243)</a></li>
303
304 <li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (162)</a></li>
305
306 <li><a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn (11)</a></li>
307
308 <li><a href="http://people.skolelinux.org/pere/blog/tags/open311">open311 (2)</a></li>
309
310 <li><a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (46)</a></li>
311
312 <li><a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern (70)</a></li>
313
314 <li><a href="http://people.skolelinux.org/pere/blog/tags/raid">raid (1)</a></li>
315
316 <li><a href="http://people.skolelinux.org/pere/blog/tags/reactos">reactos (1)</a></li>
317
318 <li><a href="http://people.skolelinux.org/pere/blog/tags/reprap">reprap (11)</a></li>
319
320 <li><a href="http://people.skolelinux.org/pere/blog/tags/rfid">rfid (2)</a></li>
321
322 <li><a href="http://people.skolelinux.org/pere/blog/tags/robot">robot (9)</a></li>
323
324 <li><a href="http://people.skolelinux.org/pere/blog/tags/rss">rss (1)</a></li>
325
326 <li><a href="http://people.skolelinux.org/pere/blog/tags/ruter">ruter (4)</a></li>
327
328 <li><a href="http://people.skolelinux.org/pere/blog/tags/scraperwiki">scraperwiki (2)</a></li>
329
330 <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (37)</a></li>
331
332 <li><a href="http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary (4)</a></li>
333
334 <li><a href="http://people.skolelinux.org/pere/blog/tags/skepsis">skepsis (4)</a></li>
335
336 <li><a href="http://people.skolelinux.org/pere/blog/tags/standard">standard (44)</a></li>
337
338 <li><a href="http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll (3)</a></li>
339
340 <li><a href="http://people.skolelinux.org/pere/blog/tags/stortinget">stortinget (9)</a></li>
341
342 <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (23)</a></li>
343
344 <li><a href="http://people.skolelinux.org/pere/blog/tags/sysadmin">sysadmin (1)</a></li>
345
346 <li><a href="http://people.skolelinux.org/pere/blog/tags/valg">valg (8)</a></li>
347
348 <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (40)</a></li>
349
350 <li><a href="http://people.skolelinux.org/pere/blog/tags/vitenskap">vitenskap (4)</a></li>
351
352 <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (29)</a></li>
353
354 </ul>
355
356
357 </div>
358 <p style="text-align: right">
359 Created by <a href="http://steve.org.uk/Software/chronicle">Chronicle v4.6</a>
360 </p>
361
362 </body>
363 </html>
Nettsider og blogg.