]> pere.pagekite.me Git - homepage.git/blob - blog/Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
projects / homepage.git / blob
? search:


feae914f8b0b2912f25b90aa4132bcd0e13931fc
[homepage.git] / blog / Time_for_new__LDAP_schemas_replacing_RFC_2307_.html
1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
4 <head>
5 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
6 <title>Petter Reinholdtsen: Time for new LDAP schemas replacing RFC 2307?</title>
7 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/style.css" />
8 <link rel="stylesheet" type="text/css" media="screen" href="http://people.skolelinux.org/pere/blog/vim.css" />
9 </head>
10 <body>
11 <div class="title">
12 <h1>
13 <a href="http://people.skolelinux.org/pere/blog/">Petter Reinholdtsen</a>
14
15 </h1>
16
17 </div>
18
19
20 <div class="entry">
21 <div class="title">Time for new LDAP schemas replacing RFC 2307?</div>
22 <div class="date">29th March 2009</div>
23 <div class="body"><p>The state of standardized LDAP schemas on Linux is far from
24 optimal. There is RFC 2307 documenting one way to store NIS maps in
25 LDAP, and a modified version of this normally called RFC 2307bis, with
26 some modifications to be compatible with Active Directory. The RFC
27 specification handle the content of a lot of system databases, but do
28 not handle DNS zones and DHCP configuration.</p>
29
30 <p>In <a href="http://www.skolelinux.org/">Debian Edu/Skolelinux</a>,
31 we would like to store information about users, SMB clients/hosts,
32 filegroups, netgroups (users and hosts), DHCP and DNS configuration,
33 and LTSP configuration in LDAP. These objects have a lot in common,
34 but with the current LDAP schemas it is not possible to have one
35 object per entity. For example, one need to have at least three LDAP
36 objects for a given computer, one with the SMB related stuff, one with
37 DNS information and another with DHCP information. The schemas
38 provided for DNS and DHCP are impossible to combine into one LDAP
39 object. In addition, it is impossible to implement quick queries for
40 netgroup membership, because of the way NIS triples are implemented.
41 It just do not scale. I believe it is time for a few RFC
42 specifications to cleam up this mess.</p>
43
44 <p>I would like to have one LDAP object representing each computer in
45 the network, and this object can then keep the SMB (ie host key), DHCP
46 (mac address/name) and DNS (name/IP address) settings in one place.
47 It need to be efficently stored to make sure it scale well.</p>
48
49 <p>I would also like to have a quick way to map from a user or
50 computer and to the net group this user or computer is a member.</p>
51
52 <p>Active Directory have done a better job than unix heads like myself
53 in this regard, and the unix side need to catch up. Time to start a
54 new IETF work group?</p>
55 </div>
56
57 <div class="tags">Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>.</div>
58
59
60 </div>
61
62
63
64
65 <div id="sidebar">
66
67
68
69 <h2>Archive</h2>
70 <ul>
71
72 <li>2013
73 <ul>
74
75 <li><a href="http://people.skolelinux.org/pere/blog/archive/2013/01/">January (10)</a></li>
76
77 </ul></li>
78
79 <li>2012
80 <ul>
81
82 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/01/">January (7)</a></li>
83
84 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/02/">February (10)</a></li>
85
86 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/03/">March (17)</a></li>
87
88 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/04/">April (12)</a></li>
89
90 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/05/">May (12)</a></li>
91
92 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/06/">June (20)</a></li>
93
94 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/07/">July (17)</a></li>
95
96 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/08/">August (6)</a></li>
97
98 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/09/">September (9)</a></li>
99
100 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/10/">October (17)</a></li>
101
102 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/11/">November (10)</a></li>
103
104 <li><a href="http://people.skolelinux.org/pere/blog/archive/2012/12/">December (7)</a></li>
105
106 </ul></li>
107
108 <li>2011
109 <ul>
110
111 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/01/">January (16)</a></li>
112
113 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/02/">February (6)</a></li>
114
115 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/03/">March (6)</a></li>
116
117 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/04/">April (7)</a></li>
118
119 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/05/">May (3)</a></li>
120
121 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/06/">June (2)</a></li>
122
123 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/07/">July (7)</a></li>
124
125 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/08/">August (6)</a></li>
126
127 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/09/">September (4)</a></li>
128
129 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/10/">October (2)</a></li>
130
131 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/11/">November (3)</a></li>
132
133 <li><a href="http://people.skolelinux.org/pere/blog/archive/2011/12/">December (1)</a></li>
134
135 </ul></li>
136
137 <li>2010
138 <ul>
139
140 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/01/">January (2)</a></li>
141
142 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/02/">February (1)</a></li>
143
144 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/03/">March (3)</a></li>
145
146 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/04/">April (3)</a></li>
147
148 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/05/">May (9)</a></li>
149
150 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/06/">June (14)</a></li>
151
152 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/07/">July (12)</a></li>
153
154 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/08/">August (13)</a></li>
155
156 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/09/">September (7)</a></li>
157
158 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/10/">October (9)</a></li>
159
160 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/11/">November (13)</a></li>
161
162 <li><a href="http://people.skolelinux.org/pere/blog/archive/2010/12/">December (12)</a></li>
163
164 </ul></li>
165
166 <li>2009
167 <ul>
168
169 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/01/">January (8)</a></li>
170
171 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/02/">February (8)</a></li>
172
173 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/03/">March (12)</a></li>
174
175 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/04/">April (10)</a></li>
176
177 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/05/">May (9)</a></li>
178
179 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/06/">June (3)</a></li>
180
181 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/07/">July (4)</a></li>
182
183 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/08/">August (3)</a></li>
184
185 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/09/">September (1)</a></li>
186
187 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/10/">October (2)</a></li>
188
189 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/11/">November (3)</a></li>
190
191 <li><a href="http://people.skolelinux.org/pere/blog/archive/2009/12/">December (3)</a></li>
192
193 </ul></li>
194
195 <li>2008
196 <ul>
197
198 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/11/">November (5)</a></li>
199
200 <li><a href="http://people.skolelinux.org/pere/blog/archive/2008/12/">December (7)</a></li>
201
202 </ul></li>
203
204 </ul>
205
206
207
208 <h2>Tags</h2>
209 <ul>
210
211 <li><a href="http://people.skolelinux.org/pere/blog/tags/3d-printer">3d-printer (13)</a></li>
212
213 <li><a href="http://people.skolelinux.org/pere/blog/tags/amiga">amiga (1)</a></li>
214
215 <li><a href="http://people.skolelinux.org/pere/blog/tags/aros">aros (1)</a></li>
216
217 <li><a href="http://people.skolelinux.org/pere/blog/tags/bankid">bankid (4)</a></li>
218
219 <li><a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin (5)</a></li>
220
221 <li><a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (12)</a></li>
222
223 <li><a href="http://people.skolelinux.org/pere/blog/tags/bsa">bsa (2)</a></li>
224
225 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (68)</a></li>
226
227 <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (118)</a></li>
228
229 <li><a href="http://people.skolelinux.org/pere/blog/tags/digistan">digistan (9)</a></li>
230
231 <li><a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook (7)</a></li>
232
233 <li><a href="http://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
234
235 <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (174)</a></li>
236
237 <li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (21)</a></li>
238
239 <li><a href="http://people.skolelinux.org/pere/blog/tags/fildeling">fildeling (12)</a></li>
240
241 <li><a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture (10)</a></li>
242
243 <li><a href="http://people.skolelinux.org/pere/blog/tags/frikanalen">frikanalen (9)</a></li>
244
245 <li><a href="http://people.skolelinux.org/pere/blog/tags/intervju">intervju (32)</a></li>
246
247 <li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (17)</a></li>
248
249 <li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (8)</a></li>
250
251 <li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (6)</a></li>
252
253 <li><a href="http://people.skolelinux.org/pere/blog/tags/ltsp">ltsp (1)</a></li>
254
255 <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (25)</a></li>
256
257 <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (219)</a></li>
258
259 <li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (148)</a></li>
260
261 <li><a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn (6)</a></li>
262
263 <li><a href="http://people.skolelinux.org/pere/blog/tags/open311">open311 (2)</a></li>
264
265 <li><a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (41)</a></li>
266
267 <li><a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern (61)</a></li>
268
269 <li><a href="http://people.skolelinux.org/pere/blog/tags/raid">raid (1)</a></li>
270
271 <li><a href="http://people.skolelinux.org/pere/blog/tags/reprap">reprap (11)</a></li>
272
273 <li><a href="http://people.skolelinux.org/pere/blog/tags/rfid">rfid (2)</a></li>
274
275 <li><a href="http://people.skolelinux.org/pere/blog/tags/robot">robot (6)</a></li>
276
277 <li><a href="http://people.skolelinux.org/pere/blog/tags/rss">rss (1)</a></li>
278
279 <li><a href="http://people.skolelinux.org/pere/blog/tags/ruter">ruter (4)</a></li>
280
281 <li><a href="http://people.skolelinux.org/pere/blog/tags/scraperwiki">scraperwiki (2)</a></li>
282
283 <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (28)</a></li>
284
285 <li><a href="http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary (4)</a></li>
286
287 <li><a href="http://people.skolelinux.org/pere/blog/tags/skepsis">skepsis (4)</a></li>
288
289 <li><a href="http://people.skolelinux.org/pere/blog/tags/standard">standard (39)</a></li>
290
291 <li><a href="http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll (3)</a></li>
292
293 <li><a href="http://people.skolelinux.org/pere/blog/tags/stortinget">stortinget (5)</a></li>
294
295 <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (12)</a></li>
296
297 <li><a href="http://people.skolelinux.org/pere/blog/tags/sysadmin">sysadmin (1)</a></li>
298
299 <li><a href="http://people.skolelinux.org/pere/blog/tags/valg">valg (7)</a></li>
300
301 <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (35)</a></li>
302
303 <li><a href="http://people.skolelinux.org/pere/blog/tags/vitenskap">vitenskap (4)</a></li>
304
305 <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (26)</a></li>
306
307 </ul>
308
309
310 </div>
311 <p style="text-align: right">
312 Created by <a href="http://steve.org.uk/Software/chronicle">Chronicle v4.4</a>
313 </p>
314
315 </body>
316 </html>
Nettsider og blogg.