On Feb 13, 2008, at 11:32 AM, Mike McGrath wrote:
Well, over time its become clear that LDAP is just not very good at
doing
groups as we want it to do. We need to have people self-add
themselves to
groups, track when they were added, who added them. People can have
different access levels in the group (unapproved, user, sponsor,
admin).
LDAP is very geared towards what most people need (someone in charge
of a
group and adding people to that group). In an open environment like
ours,
we need the whole application process. Its not that LDAP is bad,
just not
the right tool for the job.
...
Thoughts? Comments? Concerns?
Will using Postgres as the back-end and LDAP as a middle piece work
with FAS2? Perhaps using LDAP to integrate with NSS and other 3rd
party apps, but just for authentication/authorization (read access).
Right now I'm using LDAP as my primary data store for our Library
systems at OSU, but I'm considering moving to a tiered LDAP+SQL
system, so if there are reasons why it doesn't work well I'd be
especially happy to hear about them. :-)
Ryan
--
Ryan Ordway E-mail: rordway@xxxxxxxxxxxxxxx
Unix Systems Administrator rordway@xxxxxxxxxxxxxxxxxxxxxxx
OSU Libraries, Corvallis, OR 97331 Office: Valley Library #4657
_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
