[nycphp-talk] LDAP for web authorization?
Tim Sailer
sailer at bnl.gov
Thu Nov 2 09:50:48 EST 2006
On Thu, Nov 02, 2006 at 09:44:10AM -0500, Randal Rust wrote:
> On 11/2/06, Tim Sailer <sailer at bnl.gov> wrote:
>
> > I have some crufty old PHP code I slammed together in a few hours
> > about 4-5 years ago that will show how to manipulate the attributes
> > for mail aliases,
>
> I am in the middle of a project where the client uses LDAP not only as
> a authentication tool, but also as a data store. My understanding is
> that LDAP is not supposed to be used as a data store that is
> frequently updated. Am I correct?
That was the design, but with the right hardware, you can make the
writes and resultant replication much less expensive. Schema and indexing
are very important. Just remember, depending on your implementation,
unindexed searches may cause the server to block, making the service
appear very slow.
> It currently manages the data for something like 2,000 library
> systems, including contact information, addresses, employees, branches
> and departments.
That doesn't sound like it would be an issue. Just remember, 'right
tool for the right job'.
Tim
--
Tim Sailer <sailer at bnl.gov>
DoE Intelligence and Counterintelligence - Cyber Division
Northeast Regional Counterintelligence Office
Brookhaven National Laboratory (631) 344-3001
More information about the talk
mailing list