Re: DoveCot vs Cyrus-Imapd Performance

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Les Mikesell wrote:
The problem is that I want to be able to install my next hundred
boxes running an assortment of OS versions that I don't know
about yet, and have them find whatever attributes they need
already available.  I don't want to have to tweak the server
every time I add a new service.  In fact I want it to work without
the person adding a new box/service having access to modify the
LDAP server.

For most part, various components will use same attributes, so it will be usually easy to integrate new stuff with LDAP database. However, having static LDAP setup, that you can put in place and forget about is kind of unrealistic. LDAP is extensible, and that is what is great about it. It comes with a price. If nothing else, you might want to extend it and add attributes specific to your company/environment. There's no way to standardize those, unless each and every imaginable bussiness starts to be managed in *exactly* the same way (to the last tiny bit of detail). Something that isn't going to happen.


You want to add Sendmail LDAP mail routing for that user, add inetLocalMailRecipient to list of his objectClass(es), and add attributes such as mailLocalAddress or mailRoutingAddress. You don't create separate tree for every service that needs to store data about user. You add object classes needed to describe user to his objectClass attribute, and than you add service specific attributes.

But isn't this already well enough understood to just be included
in one standard format?

Well it is. Hower (some of the) data that one implementation of some service can use, might be unusable by another. Both can be perfect implementations of a protocol as defined by RFC. But both will have specific additional features to make your life easier. For example, something that is trivial to implement in Sendmail, might not be easy job for Postfix. Or vice versa.


I don't really want to know that I'm modifying things in LDAP to
add a user or change a password.  The tool that adds users should
do all the grunge work. If it needs to store the password in
3 different format to work, it should do it.  I think there are
such tools - the problem is that there is more than one and they
probably don't all interoperate.

No, I don't want a custom tool - I don't want to need a custom tool.
I want a stock schema that provides all the attributes that all the
tools in the base distribution know how to use, and a standard tool
that populates them.  Anything else seems as bizarre as having to
decide on your own fields and layout of the passwd file before you
could add any users.  What is it about LDAP that has kept it from
being standardized years ago?

It is hard to standardize on something extensible. Anybody (including you and me) can add custom attributes and extend standard schemas. A tool that would be used for managing users, would need to be extendible too. It's far more complex that adding a line to /etc/passwd.


--
Aleksandar Milivojevic <amilivojevic@xxxxxx>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux