From owner-freebsd-hackers@FreeBSD.ORG Fri Jan 12 00:30:52 2007 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0FD8B16A416 for ; Fri, 12 Jan 2007 00:30:52 +0000 (UTC) (envelope-from fcash@ocis.net) Received: from smtp.sd73.bc.ca (smtp.sd73.bc.ca [142.24.13.140]) by mx1.freebsd.org (Postfix) with ESMTP id E574213C448 for ; Fri, 12 Jan 2007 00:30:51 +0000 (UTC) (envelope-from fcash@ocis.net) Received: from localhost (localhost [127.0.0.1]) by localhost.sd73.bc.ca (Postfix) with ESMTP id 56B6B1A000B2A for ; Thu, 11 Jan 2007 16:30:51 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at smtp.sd73.bc.ca Received: from smtp.sd73.bc.ca ([127.0.0.1]) by localhost (smtp.sd73.bc.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id ti-OUwksjhnH for ; Thu, 11 Jan 2007 16:30:44 -0800 (PST) Received: from coal (s10.sbo [192.168.0.10]) by smtp.sd73.bc.ca (Postfix) with ESMTP id D6CBB1A0007D6 for ; Thu, 11 Jan 2007 16:30:44 -0800 (PST) From: Freddie Cash To: freebsd-hackers@freebsd.org Date: Thu, 11 Jan 2007 16:30:43 -0800 User-Agent: KMail/1.9.5 References: <60737.24.71.119.183.1168496463.squirrel@webmail.sd73.bc.ca> <17830.29050.791321.480369@bhuda.mired.org> <45A67A34.5080001@evilphi.com> In-Reply-To: <45A67A34.5080001@evilphi.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200701111630.43734.fcash@ocis.net> Subject: Re: LDAP integration X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Jan 2007 00:30:52 -0000 On Thursday 11 January 2007 09:56 am, Darren Pilgrim wrote: > Mike Meyer wrote: > > In <20070111035549.7c11a450@vixen42>, Vulpes Velox typed: > >> LDAP is nice organizing across many systems, but if you are just > >> dealing with one computer it is complete over kill for any thing. > > > > In that situation, it's not merely overkill, it's may actually be a > > bad idea. Can you say "AIX SDR"? How about "Windows registry"? > > > > Those system both took the approach of putting all the configuration > > information in a central database. This creates problems because the > > tools needed to examine/fix the config database require a complex > > environment - at least compared to a statically linked copy of > > ed. LDAP may not be so bad, but it still makes me nervous. > > > > On the other hand, if you've got a flock of boxes to manage, having a > > way to tell the rc subsystem "Go read config values from this LDAP > > server" seems like a very attractive alternative. > > And to think, all these years I've been wasting my time and effort > using NFS and rsync to centralize the configurations of server farms. I think (Mike will have to confirm/deny) what Mike was trying to say was that for a single system, a centralised database for configuration options was overkill and a problem. Using the Windows Registry as an example. But, using a centralised database for configuring dozens of systems (similar or otherwise) could be a good idea, and that LDAP may be good in that situation (a lot of reading going on at boot to create the configs). -- Freddie Cash fcash@ocis.net