]> pere.pagekite.me Git - homepage.git/blob - blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
projects / homepage.git / blob
? search:


74024a680fcbd686f7e7e2538280e1560052de2c
[homepage.git] / blog / Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html>
4 <head>
5 <title>Petter Reinholdtsen: Time for new LDAP schemas replacing RFC 2307?</title>
6 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/style.css">
7 </head>
8 <body>
9
10 <div class="title">
11 <h1>
12 <a href="http://people.skolelinux.org/pere/blog/">Petter Reinholdtsen</a>
13
14 </h1>
15
16 </div>
17
18
19 <div class="entry">
20 <div class="title">Time for new LDAP schemas replacing RFC 2307?</div>
21 <div class="date">2009-03-29 20:30</div>
22 <div class="body">
23 <p>The state of standardized LDAP schemas on Linux is far from
24 optimal. There is RFC 2307 documenting one way to store NIS maps in
25 LDAP, and a modified version of this normally called RFC 2307bis, with
26 some modifications to be compatible with Active Directory. The RFC
27 specification handle the content of a lot of system databases, but do
28 not handle DNS zones and DHCP configuration.</p>
29
30 <p>In <a href="http://www.skolelinux.org/">Debian Edu/Skolelinux</a>,
31 we would like to store information about users, SMB clients/hosts,
32 filegroups, netgroups (users and hosts), DHCP and DNS configuration,
33 and LTSP configuration in LDAP. These objects have a lot in common,
34 but with the current LDAP schemas it is not possible to have one
35 object per entity. For example, one need to have at least three LDAP
36 objects for a given computer, one with the SMB related stuff, one with
37 DNS information and another with DHCP information. The schemas
38 provided for DNS and DHCP are impossible to combine into one LDAP
39 object. In addition, it is impossible to implement quick queries for
40 netgroup membership, because of the way NIS triples are implemented.
41 It just do not scale. I believe it is time for a few RFC
42 specifications to cleam up this mess.</p>
43
44 <p>I would like to have one LDAP object representing each computer in
45 the network, and this object can then keep the SMB (ie host key), DHCP
46 (mac address/name) and DNS (name/IP address) settings in one place.
47 It need to be efficently stored to make sure it scale well.</p>
48
49 <p>I would also like to have a quick way to map from a user or
50 computer and to the net group this user or computer is a member.</p>
51
52 <p>Active Directory have done a better job than unix heads like myself
53 in this regard, and the unix side need to catch up. Time to start a
54 new IETF work group?</p>
55 </div>
56
57 <div class="tags">Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>.</div>
58
59 </div>
60
61
62
63
64
65
66 <div id="sidebar">
67
68 <h2>Archive</h2>
69 <ul>
70
71 <li>2011
72 <ul>
73
74 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/01/">January (4)</a></li>
75
76 </ul></li>
77
78 <li>2010
79 <ul>
80
81 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/01/">January (2)</a></li>
82
83 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/02/">February (1)</a></li>
84
85 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/03/">March (3)</a></li>
86
87 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/04/">April (3)</a></li>
88
89 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/05/">May (9)</a></li>
90
91 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/06/">June (14)</a></li>
92
93 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/07/">July (12)</a></li>
94
95 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/08/">August (13)</a></li>
96
97 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/09/">September (7)</a></li>
98
99 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/10/">October (9)</a></li>
100
101 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/11/">November (13)</a></li>
102
103 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/12/">December (12)</a></li>
104
105 </ul></li>
106
107 <li>2009
108 <ul>
109
110 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/01/">January (8)</a></li>
111
112 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/02/">February (8)</a></li>
113
114 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/03/">March (12)</a></li>
115
116 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/04/">April (10)</a></li>
117
118 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/05/">May (9)</a></li>
119
120 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/06/">June (3)</a></li>
121
122 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/07/">July (4)</a></li>
123
124 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/08/">August (3)</a></li>
125
126 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/09/">September (1)</a></li>
127
128 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/10/">October (2)</a></li>
129
130 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/11/">November (3)</a></li>
131
132 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/12/">December (3)</a></li>
133
134 </ul></li>
135
136 <li>2008
137 <ul>
138
139 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/11/">November (5)</a></li>
140
141 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/12/">December (7)</a></li>
142
143 </ul></li>
144
145 </ul>
146
147
148
149 <h2>Tags</h2>
150 <ul>
151
152 <li><a href="http://people.skolelinux.org/pere/blog/tags/3d-printer">3d-printer (13)</a></li>
153
154 <li><a href="http://people.skolelinux.org/pere/blog/tags/amiga">amiga (1)</a></li>
155
156 <li><a href="http://people.skolelinux.org/pere/blog/tags/aros">aros (1)</a></li>
157
158 <li><a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin (2)</a></li>
159
160 <li><a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (10)</a></li>
161
162 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (46)</a></li>
163
164 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (54)</a></li>
165
166 <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (82)</a></li>
167
168 <li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (1)</a></li>
169
170 <li><a href="http://people.skolelinux.org/pere/blog/tags/fildeling">fildeling (11)</a></li>
171
172 <li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (5)</a></li>
173
174 <li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (8)</a></li>
175
176 <li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (4)</a></li>
177
178 <li><a href="http://people.skolelinux.org/pere/blog/tags/ltsp">ltsp (1)</a></li>
179
180 <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (11)</a></li>
181
182 <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (98)</a></li>
183
184 <li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (114)</a></li>
185
186 <li><a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (18)</a></li>
187
188 <li><a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern (33)</a></li>
189
190 <li><a href="http://people.skolelinux.org/pere/blog/tags/reprap">reprap (11)</a></li>
191
192 <li><a href="http://people.skolelinux.org/pere/blog/tags/robot">robot (4)</a></li>
193
194 <li><a href="http://people.skolelinux.org/pere/blog/tags/rss">rss (1)</a></li>
195
196 <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (22)</a></li>
197
198 <li><a href="http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary (3)</a></li>
199
200 <li><a href="http://people.skolelinux.org/pere/blog/tags/standard">standard (21)</a></li>
201
202 <li><a href="http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll (1)</a></li>
203
204 <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (7)</a></li>
205
206 <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (17)</a></li>
207
208 <li><a href="http://people.skolelinux.org/pere/blog/tags/vitenskap">vitenskap (1)</a></li>
209
210 <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (14)</a></li>
211
212 </ul>
213
214 </div>
215 </body>
216 </html>
Nettsider og blogg.