Dave Horsfall dave at horsfall.org
Tue Nov 6 05:58:30 AEST 2018

On Sun, 4 Nov 2018, Grant Taylor via TUHS wrote:


>> And I know very little about LDAP.
> I know very little.  But it's enough to know that I think learning more 
> and / or dealing with it is going to be annoying.

I've used OpenLDAP in a previous job for many years, for all sorts of 
things, and it worked well.  I had it integrated with Sendmail and even 
Kerberos, but I've forgotten the details now.

There is a damned good book on LDAP in general (I can't remember the 
title, but it's a thick hard-cover) so read it, cover to cover.  Then 
download the OpenLDAP source (or used a trusted binary) and read the 
documentation, esp. the quick start guide and the admin guide.

Then read them again :-)

The most important thing about learning LDAP is forgetting everything you 
ever knew about relational databases; LDAP is a *directory*, not a 
database, and the idiots at work were constantly referring to records, not 
*entries*, which drove me crazy (I have a Unify RDBMS background too).

And if/when you start using OpenLDAP, always keep it up to date; there is 
an active mailing list, but the first thing they'll ask is "What version 
are you running?".  Sure, there's been some lemon releases, but in general 
it worked fine for us; the company's balls depended upon it.

-- Dave

More information about the TUHS mailing list