LDAP: Replacing Exchange Revisited
LDAP can occupy numerous places in an IT infrastructure. For example, you can migrate Network Information Services (NIS) to LDAP and many Legacy UNIX centric organization have done just that. While the NIS migration model serves as one excellent example, many others exist. Most recently, I saw LDAP used as a simple white page - name and address - directory service. I consider that under utilizing LDAP.
Just a simple note: NIS is client-server directory service protocol for distributing system configuration information such as user and host names between computers on a computer network. NIS uses a flat database structure while LDAP as we've discussed uses a hierarchical structure.
My first exposure to LDAP occurred in 1999. While on a consulting assignment at one of the major telecommunication firms, I saw my client migrating from their own email system to MS Exchange. Someone convinced them that their own system running on their own mainframes would fail on midnight January 1, 2000.
After the migration, it dawned on the the IT management folks that they forgot to consider their 30,000 UNIX users. You can imagine the mess. Our friends in Redmond did not produce a UNIX version of Outlook.
Later that year, I rounded up a few developers and orchestrated the creation of a UNIX clone which worked with Exchange. We used Collaboration Data Objects (CDO)and built a proxy to run from a UNIX client to Exchange. The main goal of the project focused on calendar events.
While interest in the client circulated from one Fortune 50 company to many others, Exchange administrators feared having "rogue" technology on their networks.
As a product, our client failed, but in the process of marketing and accepting requests we discovered that we could build a server that could function side by side with Exchange. We also discovered an LDAP directory running like white pages within Exchange.
Note: In the next segment, we'll discuss ObjectClasses, attributes and schemas, but not now.
Suffice it to say, Exchange used standard ObjectClasses and attributes within its directory. We did not find it a stretch to duplicate those LDAP objects. Ultimately, the Exchange 5.5 directory morphed into AD - the current enterprise directory from Redmond. Still, in building a product people would buy, we found LDAP a common crossover thread.
So, what's the point of this story? Plain and simple, the Open Source Community has had the makings of products widely used in enterprises today. We just have not taken advantage of our resources.
Now, consider this a short prelude to deeper aspects of the LDAP protocol. If we want to move our Open Source LDAP products (OpenLDAP and Fedora Directory Server) deeper into business we need to first understand the basic building materials and then start to innovate.
Our next adventure begins with schemas and the objects that make work. Speak to you soon.
Free DevOps eBooks, Videos, and more!
Regardless of where you are in your DevOps process, Linux Journal can help!
We offer here the DEFINITIVE DevOps for Dummies, a mobile Application Development Primer, and advice & help from the expert sources like:
- Linux Journal
- New Products
- Flexible Access Control with Squid Proxy
- Users, Permissions and Multitenant Sites
- Security in Three Ds: Detect, Decide and Deny
- High-Availability Storage with HA-LVM
- Tighten Up SSH
- DevOps: Everything You Need to Know
- Non-Linux FOSS: MenuMeters
- Solving ODEs on Linux
- Android Candy: Bluetooth Auto Connect