[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Mysql as a backend for LDAP
Another reason to use an RDBM backend is that there can be tighter data
constraints an referential integrity. For example, we're experimenting
with back-sql here at CMU, and we have LDAP objects that represent people
and LDAP objects that represent computer accounts. An account entry has an
"owner" attribute with the DN of a person, and a Person entry has an
"account" attribute with an account DN. LDAP and OpenLDAP offer no strong
way to make sure these "pointers" are accurate, but if I put the data in
Oracle I can set CONSTRAINTS and TRIGGERS to make sure the data is always
referentially correct. It also means I can look up a person entry and get
the person's account username as an attribute of the person entry without
even having the usernames stored directly under the person object; it is
in the linked account object and SQL allows me to do a JOIN and fetch the
username from there. (thus my earlier post about using "uid" :)
-Mark Adamson
Carnegie Mellon