
OpenLDAP Notes

I’m going to write a series of short blog posts about my nascent experiences with LDAP directories.

I hope to cover the good, the bad, and the fugly of this beast.

Planned posts will include:

  • Why LDAP isn’t more widely adopted or WTF?!?
  • LDAP for MySQL peeps
  • LDAP for OO programmers
  • Care and feeding for the total newb (tips)
  • Directory data modeling example

Why Study OpenLDAP?

I’m helping organize the Mozillians.org project. To enable advanced privacy experiments, we’re using OpenLDAP as the initial backend.

I need to get my head around it enough to be able to shoot myself in the foot :)

I’ve always wanted to study a hierarchical DB, beyond file systems and other common data stores. I didn’t really find one… until LDAP.

There are four main types of databases:

  • Relational
  • Hierarchical
  • Graph
  • Document

Web developers tend to focus on RDBMS and Document (NoSQL) databases. RDBMS are so ingrained in us that we’ve standardized many webapp frameworks on top of the ActiveRecord pattern.

Lots of creative energy is being put into new databases (CouchDB, MongoDB, etc.) or data structure servers (Redis) that push and remix the ideas of these four paradigms.

OpenLDAP most closely aligns with the hierarchical flavor of a database management system. I really enjoy studying systems that have stood the test of time. You can learn a lot by examining their strengths and flaws.

Many of Mozilla’s core developer webtools integrate with our existing LDAP instance.

There are many large OpenLDAP installations in the wild. It’s ancient, robust, and optimized for certain classes of problems.

I’m going to say lots of positive and negative things about LDAP. These are my observations and aren’t terribly clueful or empirical, so please educate me. My goal isn’t to flame the OpenLDAP community, but to give honest insight into the beginner’s mind.

So… onwards!

3 Responses to “OpenLDAP Notes”

Robert Kaiser - 10/06/11
1) Thanks for doing this series, I always wanted to know more about LDAP (and running an LDAP server).
2) For the "why isn't it more widely adopted?" I think it's considered both "ancient" and "complicated to get to run and to use", which are always stopgaps to adoption, while "cool&new" as well as "easy" are promoting adoption most of the time.

ozten - 10/06/11
Robert, great points. Hopefully the other posts will be interesting or useful to you.

Kelly Clowers - 11/06/11
Oh hey, I am setting up OpenLDAP in Seattle right now as well (well, the LDAP is in CA, but I am in Seattle...)