]> pere.pagekite.me Git - homepage.git/blob - blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
projects / homepage.git / blob
? search:


da8082ab4c9ab0809e88de904a4f1365f44f6c06
[homepage.git] / blog / Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
4 <head>
5 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
6 <title>Petter Reinholdtsen: Time for new LDAP schemas replacing RFC 2307?</title>
7 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/style.css" />
8 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/vim.css" />
9
10
11 </head>
12 <body>
13 <div class="title">
14 <h1>
15 <a href="http://people.skolelinux.org/pere/blog/">Petter Reinholdtsen</a>
16
17 </h1>
18
19 </div>
20
21
22 <div class="entry">
23 <div class="title">Time for new LDAP schemas replacing RFC 2307?</div>
24 <div class="date">29th March 2009</div>
25 <div class="body"><p>The state of standardized LDAP schemas on Linux is far from
26 optimal. There is RFC 2307 documenting one way to store NIS maps in
27 LDAP, and a modified version of this normally called RFC 2307bis, with
28 some modifications to be compatible with Active Directory. The RFC
29 specification handle the content of a lot of system databases, but do
30 not handle DNS zones and DHCP configuration.</p>
31
32 <p>In <a href="http://www.skolelinux.org/">Debian Edu/Skolelinux</a>,
33 we would like to store information about users, SMB clients/hosts,
34 filegroups, netgroups (users and hosts), DHCP and DNS configuration,
35 and LTSP configuration in LDAP. These objects have a lot in common,
36 but with the current LDAP schemas it is not possible to have one
37 object per entity. For example, one need to have at least three LDAP
38 objects for a given computer, one with the SMB related stuff, one with
39 DNS information and another with DHCP information. The schemas
40 provided for DNS and DHCP are impossible to combine into one LDAP
41 object. In addition, it is impossible to implement quick queries for
42 netgroup membership, because of the way NIS triples are implemented.
43 It just do not scale. I believe it is time for a few RFC
44 specifications to cleam up this mess.</p>
45
46 <p>I would like to have one LDAP object representing each computer in
47 the network, and this object can then keep the SMB (ie host key), DHCP
48 (mac address/name) and DNS (name/IP address) settings in one place.
49 It need to be efficently stored to make sure it scale well.</p>
50
51 <p>I would also like to have a quick way to map from a user or
52 computer and to the net group this user or computer is a member.</p>
53
54 <p>Active Directory have done a better job than unix heads like myself
55 in this regard, and the unix side need to catch up. Time to start a
56 new IETF work group?</p>
57 </div>
58
59 <div class="tags">Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>.</div>
60
61
62 </div>
63
64
65
66
67 <div id="sidebar">
68
69
70
71 <h2>Archive</h2>
72 <ul>
73
74 <li>2013
75 <ul>
76
77 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/01/">January (11)</a></li>
78
79 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/02/">February (9)</a></li>
80
81 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/03/">March (9)</a></li>
82
83 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/04/">April (6)</a></li>
84
85 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/05/">May (9)</a></li>
86
87 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/06/">June (8)</a></li>
88
89 </ul></li>
90
91 <li>2012
92 <ul>
93
94 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/01/">January (7)</a></li>
95
96 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/02/">February (10)</a></li>
97
98 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/03/">March (17)</a></li>
99
100 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/04/">April (12)</a></li>
101
102 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/05/">May (12)</a></li>
103
104 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/06/">June (20)</a></li>
105
106 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/07/">July (17)</a></li>
107
108 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/08/">August (6)</a></li>
109
110 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/09/">September (9)</a></li>
111
112 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/10/">October (17)</a></li>
113
114 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/11/">November (10)</a></li>
115
116 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/12/">December (7)</a></li>
117
118 </ul></li>
119
120 <li>2011
121 <ul>
122
123 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/01/">January (16)</a></li>
124
125 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/02/">February (6)</a></li>
126
127 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/03/">March (6)</a></li>
128
129 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/04/">April (7)</a></li>
130
131 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/05/">May (3)</a></li>
132
133 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/06/">June (2)</a></li>
134
135 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/07/">July (7)</a></li>
136
137 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/08/">August (6)</a></li>
138
139 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/09/">September (4)</a></li>
140
141 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/10/">October (2)</a></li>
142
143 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/11/">November (3)</a></li>
144
145 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/12/">December (1)</a></li>
146
147 </ul></li>
148
149 <li>2010
150 <ul>
151
152 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/01/">January (2)</a></li>
153
154 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/02/">February (1)</a></li>
155
156 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/03/">March (3)</a></li>
157
158 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/04/">April (3)</a></li>
159
160 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/05/">May (9)</a></li>
161
162 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/06/">June (14)</a></li>
163
164 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/07/">July (12)</a></li>
165
166 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/08/">August (13)</a></li>
167
168 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/09/">September (7)</a></li>
169
170 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/10/">October (9)</a></li>
171
172 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/11/">November (13)</a></li>
173
174 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/12/">December (12)</a></li>
175
176 </ul></li>
177
178 <li>2009
179 <ul>
180
181 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/01/">January (8)</a></li>
182
183 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/02/">February (8)</a></li>
184
185 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/03/">March (12)</a></li>
186
187 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/04/">April (10)</a></li>
188
189 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/05/">May (9)</a></li>
190
191 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/06/">June (3)</a></li>
192
193 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/07/">July (4)</a></li>
194
195 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/08/">August (3)</a></li>
196
197 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/09/">September (1)</a></li>
198
199 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/10/">October (2)</a></li>
200
201 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/11/">November (3)</a></li>
202
203 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/12/">December (3)</a></li>
204
205 </ul></li>
206
207 <li>2008
208 <ul>
209
210 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/11/">November (5)</a></li>
211
212 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/12/">December (7)</a></li>
213
214 </ul></li>
215
216 </ul>
217
218
219
220 <h2>Tags</h2>
221 <ul>
222
223 <li><a href="http://people.skolelinux.org/pere/blog/tags/3d-printer">3d-printer (13)</a></li>
224
225 <li><a href="http://people.skolelinux.org/pere/blog/tags/amiga">amiga (1)</a></li>
226
227 <li><a href="http://people.skolelinux.org/pere/blog/tags/aros">aros (1)</a></li>
228
229 <li><a href="http://people.skolelinux.org/pere/blog/tags/bankid">bankid (4)</a></li>
230
231 <li><a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin (7)</a></li>
232
233 <li><a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (12)</a></li>
234
235 <li><a href="http://people.skolelinux.org/pere/blog/tags/bsa">bsa (2)</a></li>
236
237 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (77)</a></li>
238
239 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (134)</a></li>
240
241 <li><a href="http://people.skolelinux.org/pere/blog/tags/digistan">digistan (10)</a></li>
242
243 <li><a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook (9)</a></li>
244
245 <li><a href="http://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
246
247 <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (201)</a></li>
248
249 <li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (21)</a></li>
250
251 <li><a href="http://people.skolelinux.org/pere/blog/tags/fildeling">fildeling (12)</a></li>
252
253 <li><a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture (11)</a></li>
254
255 <li><a href="http://people.skolelinux.org/pere/blog/tags/frikanalen">frikanalen (11)</a></li>
256
257 <li><a href="http://people.skolelinux.org/pere/blog/tags/intervju">intervju (37)</a></li>
258
259 <li><a href="http://people.skolelinux.org/pere/blog/tags/isenkram">isenkram (6)</a></li>
260
261 <li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (18)</a></li>
262
263 <li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (8)</a></li>
264
265 <li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (6)</a></li>
266
267 <li><a href="http://people.skolelinux.org/pere/blog/tags/ltsp">ltsp (1)</a></li>
268
269 <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (25)</a></li>
270
271 <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (234)</a></li>
272
273 <li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (152)</a></li>
274
275 <li><a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn (8)</a></li>
276
277 <li><a href="http://people.skolelinux.org/pere/blog/tags/open311">open311 (2)</a></li>
278
279 <li><a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (44)</a></li>
280
281 <li><a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern (65)</a></li>
282
283 <li><a href="http://people.skolelinux.org/pere/blog/tags/raid">raid (1)</a></li>
284
285 <li><a href="http://people.skolelinux.org/pere/blog/tags/reprap">reprap (11)</a></li>
286
287 <li><a href="http://people.skolelinux.org/pere/blog/tags/rfid">rfid (2)</a></li>
288
289 <li><a href="http://people.skolelinux.org/pere/blog/tags/robot">robot (7)</a></li>
290
291 <li><a href="http://people.skolelinux.org/pere/blog/tags/rss">rss (1)</a></li>
292
293 <li><a href="http://people.skolelinux.org/pere/blog/tags/ruter">ruter (4)</a></li>
294
295 <li><a href="http://people.skolelinux.org/pere/blog/tags/scraperwiki">scraperwiki (2)</a></li>
296
297 <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (29)</a></li>
298
299 <li><a href="http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary (4)</a></li>
300
301 <li><a href="http://people.skolelinux.org/pere/blog/tags/skepsis">skepsis (4)</a></li>
302
303 <li><a href="http://people.skolelinux.org/pere/blog/tags/standard">standard (43)</a></li>
304
305 <li><a href="http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll (3)</a></li>
306
307 <li><a href="http://people.skolelinux.org/pere/blog/tags/stortinget">stortinget (7)</a></li>
308
309 <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (15)</a></li>
310
311 <li><a href="http://people.skolelinux.org/pere/blog/tags/sysadmin">sysadmin (1)</a></li>
312
313 <li><a href="http://people.skolelinux.org/pere/blog/tags/valg">valg (7)</a></li>
314
315 <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (38)</a></li>
316
317 <li><a href="http://people.skolelinux.org/pere/blog/tags/vitenskap">vitenskap (4)</a></li>
318
319 <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (26)</a></li>
320
321 </ul>
322
323
324 </div>
325 <p style="text-align: right">
326 Created by <a href="http://steve.org.uk/Software/chronicle">Chronicle v4.6</a>
327 </p>
328
329 </body>
330 </html>
Nettsider og blogg.