LDAP: Replacing Exchange Revisited
LDAP can occupy numerous places in an IT infrastructure. For example, you can migrate Network Information Services (NIS) to LDAP and many Legacy UNIX centric organization have done just that. While the NIS migration model serves as one excellent example, many others exist. Most recently, I saw LDAP used as a simple white page - name and address - directory service. I consider that under utilizing LDAP.
Just a simple note: NIS is client-server directory service protocol for distributing system configuration information such as user and host names between computers on a computer network. NIS uses a flat database structure while LDAP as we've discussed uses a hierarchical structure.
My first exposure to LDAP occurred in 1999. While on a consulting assignment at one of the major telecommunication firms, I saw my client migrating from their own email system to MS Exchange. Someone convinced them that their own system running on their own mainframes would fail on midnight January 1, 2000.
After the migration, it dawned on the the IT management folks that they forgot to consider their 30,000 UNIX users. You can imagine the mess. Our friends in Redmond did not produce a UNIX version of Outlook.
Later that year, I rounded up a few developers and orchestrated the creation of a UNIX clone which worked with Exchange. We used Collaboration Data Objects (CDO)and built a proxy to run from a UNIX client to Exchange. The main goal of the project focused on calendar events.
While interest in the client circulated from one Fortune 50 company to many others, Exchange administrators feared having "rogue" technology on their networks.
As a product, our client failed, but in the process of marketing and accepting requests we discovered that we could build a server that could function side by side with Exchange. We also discovered an LDAP directory running like white pages within Exchange.
Note: In the next segment, we'll discuss ObjectClasses, attributes and schemas, but not now.
Suffice it to say, Exchange used standard ObjectClasses and attributes within its directory. We did not find it a stretch to duplicate those LDAP objects. Ultimately, the Exchange 5.5 directory morphed into AD - the current enterprise directory from Redmond. Still, in building a product people would buy, we found LDAP a common crossover thread.
So, what's the point of this story? Plain and simple, the Open Source Community has had the makings of products widely used in enterprises today. We just have not taken advantage of our resources.
Now, consider this a short prelude to deeper aspects of the LDAP protocol. If we want to move our Open Source LDAP products (OpenLDAP and Fedora Directory Server) deeper into business we need to first understand the basic building materials and then start to innovate.
Our next adventure begins with schemas and the objects that make work. Speak to you soon.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- The US Government and Open-Source Software
- New Container Image Standard Promises More Portable Apps
- Open-Source Project Secretly Funded by CIA
- AdaCore's SPARK Pro
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide