لطفا منتظر باشید ...
•
Table of Contents
•
Index
•
Reviews
•
Reader Reviews
•
Errata
LDAP System Administration
By
Gerald Carter
Publisher
: O''''Reilly
Pub Date
: March 2003
ISBN
: 1-56592-491-6
Pages
: 308
If you want to be a master of your domain, LDAP
System Administration will help you get up and
running quickly regardless of which LDAP version you use.
After reading this book, even with no previous LDAP
experience, you''''ll be able to integrate a directory server
into essential network services such as mail, DNS, HTTP, and
SMB/CIFS.
Chapter 9. LDAP Interoperability
What is a chapter on interoperability
doing in a book on LDAP? After all, I've presented
LDAP throughout this book as a standard protocol, and standards are
supposed to minimize, if not eliminate, interoperability problems.
One of the major selling points of LDAP is its potential for
consolidating vendor-specific or application-specific directories.
We've seen many examples of this: using LDAP as a
replacement for NIS, as a backend data store for DNS, and as a
replacement for many ad hoc databases used in email management.Still, while LDAP minimizes interoperability problems,
"minimize" is definitely the key
word. The core features of LDAP are standardized, but things such as
schemas are not. There are many common object classes and attributes
that can be extended by a vendor. Not only can schemas be extended,
the protocol can be extended as well by creating additional
operations using extensions and controls, and not all vendors support
the same ones.For each service that can be consolidated into an LDAP directory,
there must be a corresponding client-side application that can access
the old information in the new directory. That's not
always an easy order to fill; we've already seen
some clever workarounds to help older applications access an LDAP
directory, such as using the pam_ldap library presented in Chapter 6 to enable non-LDAP-aware applications to
authenticate users in the directory. Furthermore, sooner or later you
will encounter an LDAP-enabled application that requires the
directory service to implement a specific schema or extended
operation.The goal of this chapter is to discuss several technologies that you
can use to solve problems of this sort. Every directory integration
project is unique. I will show how to solve a number of common
directory integration problemsand although the problems I
discuss are typical enough, they're only a small
fraction of the problems you're likely to face. The
most effective way to prepare yourself to solve the problems posed by
your environment is to examine the tools, concepts, and architectures
that can be combined into a solution to meet the needs of your users.
