Welp, I've failed.

Ryan Ordway rordway at oregonstate.edu
Thu Feb 14 23:18:40 UTC 2008


On Feb 13, 2008, at 11:32 AM, Mike McGrath wrote:
> Well, over time its become clear that LDAP is just not very good at  
> doing
> groups as we want it to do.  We need to have people self-add  
> themselves to
> groups, track when they were added, who added them.  People can have
> different access levels in the group (unapproved, user, sponsor,  
> admin).
> LDAP is very geared towards what most people need (someone in charge  
> of a
> group and adding people to that group).  In an open environment like  
> ours,
> we need the whole application process.  Its not that LDAP is bad,  
> just not
> the right tool for the job.

...

> Thoughts? Comments? Concerns?


Will using Postgres as the back-end and LDAP as a middle piece work  
with FAS2? Perhaps using LDAP to integrate with NSS and other 3rd  
party apps, but just for authentication/authorization (read access).

Right now I'm using LDAP as my primary data store for our Library  
systems at OSU, but I'm considering moving to a tiered LDAP+SQL  
system, so if there are reasons why it doesn't work well I'd be  
especially happy to hear about them. :-)

Ryan

--
Ryan Ordway                           E-mail: rordway at oregonstate.edu
Unix Systems Administrator               rordway at library.oregonstate.edu
OSU Libraries, Corvallis, OR 97331    Office: Valley Library #4657












More information about the Fedora-infrastructure-list mailing list