Welp, I've failed.
Ryan Ordway
rordway at oregonstate.edu
Thu Feb 14 23:18:40 UTC 2008
On Feb 13, 2008, at 11:32 AM, Mike McGrath wrote:
> Well, over time its become clear that LDAP is just not very good at
> doing
> groups as we want it to do. We need to have people self-add
> themselves to
> groups, track when they were added, who added them. People can have
> different access levels in the group (unapproved, user, sponsor,
> admin).
> LDAP is very geared towards what most people need (someone in charge
> of a
> group and adding people to that group). In an open environment like
> ours,
> we need the whole application process. Its not that LDAP is bad,
> just not
> the right tool for the job.
...
> Thoughts? Comments? Concerns?
Will using Postgres as the back-end and LDAP as a middle piece work
with FAS2? Perhaps using LDAP to integrate with NSS and other 3rd
party apps, but just for authentication/authorization (read access).
Right now I'm using LDAP as my primary data store for our Library
systems at OSU, but I'm considering moving to a tiered LDAP+SQL
system, so if there are reasons why it doesn't work well I'd be
especially happy to hear about them. :-)
Ryan
--
Ryan Ordway E-mail: rordway at oregonstate.edu
Unix Systems Administrator rordway at library.oregonstate.edu
OSU Libraries, Corvallis, OR 97331 Office: Valley Library #4657
More information about the Fedora-infrastructure-list
mailing list