Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 5 Jun 2001 16:07:36 -0700
From:      dannyman <dannyman@toldme.com>
To:        Sean Knox <wintermage@home.com>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: LDAP support: iPlanet or OpenLDAP?
Message-ID:  <20010605160736.F20416@dell.dannyland.org>
In-Reply-To: <OE161o8yfogkJXrRjbD0000a904@hotmail.com>; from wintermage@home.com on Sun, Jun 03, 2001 at 06:58:40PM -0700
References:  <OE161o8yfogkJXrRjbD0000a904@hotmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Jun 03, 2001 at 06:58:40PM -0700, Sean Knox wrote:
> In a previous thread, someone mentioned they prefered iPlanet's LDAP
> implentation over OpenLDAP. Can anyone elaborate on this? I'm
> currently researching which version to implement with some Exim mail
> servers here at work, and would appreciate some feedback.

Last I checked, iPlanet is not available for FreeBSD, nor would one
expect it to be given the partnership with Sun.

iPlanet is reputed to perform very well, and implement more of LDAPv3
than OpenLDAP.

My experience with Netscape DS is running it on NT through this cursed
java console with the most horrible UI ever designed by humanity, and it
randomly flaking out, thanks in no small part to dssynch.exe, which
syncronizes users and passwords betwixt your directory and your NT 4
domain.

I also had a bitch of a time setting it up when I was new to LDAP, threw
up my hands in frustration, making dirty words.  After staying up all
night one of our former-Netscape whiz kids managed to get it running.
The greatest piece of wisdom another former Netscape person who had
wrestled with it in their previous employment could give me was to "turn
schema checking off."

I'm replacing the current LDAP implementation with OpenLDAP.

I have talked to one person in my time who says that he likes the
iPlanet IMAP server he has running on one of his Sparc boxen.

IMO, LDAP is not for the faint of heart, assuming you want it to do
ANYTHING more than just publish a telephone directory.  You really need
to swallow the red pill and start reading RFCs and books and things and
testing things and fending off your NT admin manager meekly suggesting
that if we just replaced everything with Microsoft Windows 2000 Active
Directory Services for Unix it might just all work out.

-danny

-- 
http://dannyman.toldme.com/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010605160736.F20416>