LDAP: Replacing Exchange Revisited
LDAP can occupy numerous places in an IT infrastructure. For example, you can migrate Network Information Services (NIS) to LDAP and many Legacy UNIX centric organization have done just that. While the NIS migration model serves as one excellent example, many others exist. Most recently, I saw LDAP used as a simple white page - name and address - directory service. I consider that under utilizing LDAP.
Just a simple note: NIS is client-server directory service protocol for distributing system configuration information such as user and host names between computers on a computer network. NIS uses a flat database structure while LDAP as we've discussed uses a hierarchical structure.
My first exposure to LDAP occurred in 1999. While on a consulting assignment at one of the major telecommunication firms, I saw my client migrating from their own email system to MS Exchange. Someone convinced them that their own system running on their own mainframes would fail on midnight January 1, 2000.
After the migration, it dawned on the the IT management folks that they forgot to consider their 30,000 UNIX users. You can imagine the mess. Our friends in Redmond did not produce a UNIX version of Outlook.
Later that year, I rounded up a few developers and orchestrated the creation of a UNIX clone which worked with Exchange. We used Collaboration Data Objects (CDO)and built a proxy to run from a UNIX client to Exchange. The main goal of the project focused on calendar events.
While interest in the client circulated from one Fortune 50 company to many others, Exchange administrators feared having "rogue" technology on their networks.
As a product, our client failed, but in the process of marketing and accepting requests we discovered that we could build a server that could function side by side with Exchange. We also discovered an LDAP directory running like white pages within Exchange.
Note: In the next segment, we'll discuss ObjectClasses, attributes and schemas, but not now.
Suffice it to say, Exchange used standard ObjectClasses and attributes within its directory. We did not find it a stretch to duplicate those LDAP objects. Ultimately, the Exchange 5.5 directory morphed into AD - the current enterprise directory from Redmond. Still, in building a product people would buy, we found LDAP a common crossover thread.
So, what's the point of this story? Plain and simple, the Open Source Community has had the makings of products widely used in enterprises today. We just have not taken advantage of our resources.
Now, consider this a short prelude to deeper aspects of the LDAP protocol. If we want to move our Open Source LDAP products (OpenLDAP and Fedora Directory Server) deeper into business we need to first understand the basic building materials and then start to innovate.
Our next adventure begins with schemas and the objects that make work. Speak to you soon.
Getting Started with DevOps - Including New Data on IT Performance from Puppet Labs 2015 State of DevOps Report
August 27, 2015
12:00 PM CDT
DevOps represents a profound change from the way most IT departments have traditionally worked: from siloed teams and high-anxiety releases to everyone collaborating on uneventful and more frequent releases of higher-quality code. It doesn't matter how large or small an organization is, or even whether it's historically slow moving or risk averse — there are ways to adopt DevOps sanely, and get measurable results in just weeks.
Free to Linux Journal readers.Register Now!
- Hacking a Safe with Bash
- Django Models and Migrations
- Home Automation with Raspberry Pi
- Secure Server Deployments in Hostile Territory, Part II
- The Controversy Behind Canonical's Intellectual Property Policy
- Huge Package Overhaul for Debian and Ubuntu
- Embed Linux in Monitoring and Control Systems
- Shashlik - a Tasty New Android Simulator
- KDE Reveals Plasma Mobile
- Purism Librem 13 Review