directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Denis Cardon <denis.car...@tranquil-it-systems.fr>
Subject Re: [Feedback needed] ADS pros and cons ?
Date Wed, 23 Jan 2008 13:01:47 GMT
Hi Emmanuel,
>>
>>> 1) we currently use ADS for experiments, we plan to replace MS Active 
>>> Directory Server with a more open LDAP Server
>>
>> actually Active Directory is more than just a ldap server. It bundles 
>> a customified ldap server, a kerberos server, a dns server, and some 
>> ms rpc stuff. So apache directory server could not, by itself stands 
>> for an active directory replacement (unless the only thing you need is 
>> the ldap part).
> Actually Apache Directory Server is more than just a ldap server too. It 
> bundles a *standard and compliant* ldap server 
> (http://directory.apache.org/community%26resources/open-group-certification.html), 
> a kerberos server, a dns server, a NTP server, a DHCP server, a SSO 
> solution (TripleSec) and a tool (Apache DirectoryStudio) which can't be 
> compared to LDP, because it would like comparing M$ Word (tm) to M$ 
> Notepad(tm).

My fault, I have only been looking at the ldap part of apache 
directory... I defininitly shall try the kerberos/dns/dhcp part of 
ApacheDS. Currently I'm using heimdal, bind and isc dhcp server on ldap 
backend (openldap), and looking for better solution, that's why I'm 
following this list. I didn't realized I could already get all of it 
bundled in ApacheDS! I'll try to accomodate for a few hours to roll out 
a test bench.

> And when it comes to LDAP server compliance, please just read this : 
> http://www.symas.com/documents/Adam-Eval1-0.pdf
> 
> So we think that ADS could stands for an active directory replacement. 
> Even if you just need the ldap part.

Sorry I think I misrepresented my point. I don't claim that ActiveDS is 
a good, bad or better LDAP server. I just wanted to point out that 
ActiveDS is not just an ldap server. The fact that it is much more than 
an ldap server makes it one of the most difficult part of proprietary 
stuff to get out of a IT infrastructure... What a pain !

> *But*, because nothing is perfect, it has to be documented, tested, 
> fixed, etc. We need volunteers for that.
>>
>> Open source projects are getting close to a replacement of ActiveDS, 
>> and bundling ApacheDS + Samba4alpha3 + Bind/sdb_ldap should almost do 
>> the trick, however it is not yet very polished and might need some 
>> twicking.
> I agree fully with the polishing and twicking needs !

If everything was too easy, there would'nt be any more fun geeking around!

Cheers,

Denis

-- 
Denis Cardon
Tranquil IT Systems
44 bvd des pas enchant├ęs
44230 Saint S├ębastien sur Loire
tel : +33 (0) 2.40.97.62.67
http://www.tranquil-it-systems.fr



Mime
View raw message