[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Comparing OpenLDAP on Linux 2.6/Sol 10 [ was Re: Berkeley DB versions ]
On Mon, 16 Jan 2006 14:04:51 -0800
Quanah Gibson-Mount <quanah@stanford.edu> wrote:
> This seems somewhat broken to me -- What if information about a given user
> changes? For example, we lock out/freeze accounts based on DMCA
> complaints. That gets reflected in the directory server. If the systems
> were caching that data instead of doing live lookups, we'd have a major
> problem on our hands.
Well, as long as you don't use it for long, I don't see it as a big
deal.
> This connection looks up the rdn of the users UID (SuRegID), and then uses
> that to find out if they belong to a particular privilege group, doing a
> compare.
>
> Again, no need for a database dump here. The idea is that the LDAP server
> *is* the database.
Sure. From what I can tell it will be a mix of both. The dump will probably
be required only occasionally, but I still want it to be efficient.
> If the Samba folks are dumping the entire database and caching it, it just
> seems to me to be another instance of their lack of comprehension about how
> to use LDAP.
Honestly, the smbd may only do that once, I don't really know. I'm not familiar
with the internals, so a judgement on the Samba folks may be premature.
Jim