[nycphp-talk] LDAP for web authorization?
Max Gribov
max at neuropunks.org
Thu Nov 30 04:04:58 EST 2006
Randal Rust wrote:
> On 11/2/06, charlie derr <cderr at simons-rock.edu> wrote:
>
> While I understand what you are saying, I don't think I properly
> explained what the client is doing. They store all of their data in
> the LDAP, then they run a bunch of batch files on a nightly basis that
> exports the data from the LDAP to CSV files, so that the data can then
> be imported into Access, MySQL and other data sources.
>
> There is a lot of hoop-jumping required because LDAP is the primary
> data store. For example, one of the required attributes is 'recordID.'
> To get that, which is essentially a primary key for the MySQL export,
> we have to go out and open a file that stores all of the recordIDs,
> get the last one in the file, increment it by one, and then use that
> value when we do the ldap_add().
>
> I just think it would make a lot more sense to use MySQL as the
> primary data store, and then extract the data as an LDIF for import in
> to LDAP.
>
Just as a side note, adodb extension supports ldap and sql backends
using pretty much same syntax, so at least you can have code
consistency, simply changing the statement executed from some .conf file
('select * from bla' vs ugly ldap queries), and then send it to the
good old $conn_id->Execute().
More information about the talk
mailing list