Re: New ldap schema for debian-edu?
Le Friday 16 July 2010 09:59:42 Andreas B. Mundt, vous avez écrit :
> Hi all,
Hello,
> I have been following part of the discussions to refurbish the ldap
> structure in debian-edu as documented and discussed on IRC and in
> <URL:http://wiki.debian.org/DebianEdu/NewLDAPStructure>
> <URL:http://people.skolelinux.org/pere/blog/Combining_PowerDNS_and_ISC_
>DHCP_LDAP_objects.html>.
>
> Especially with the ideas of creating a new schema I cannot get rid of
> a uncomfortable feeling. Let me explain why:
Mee to :/
> What makes me wonder is, why a small project like debian-edu needs to
> come up with the invention of a new schema when the rest of the world
> does not feel the pressure to move away from schemas that have been
> around and used successfully for many years in many institutions. I
> fear that this solo attempt to improve things might end up in loosing
> compatibility and flexibility to use tools for ldap administration,
> something we definitely need.
>
+1
> For me, the main argument in advance of using a single LDAP object for
> a given computer is the following: If you use ldapvi to add or change
> that object, it's much easier and you don't loose any part hidden in
> an other object somewhere else. As soon as you use some higher level
> LDAP administration tool, the problem of distributing changes to
> several LDAP objects is left to the tool and seems to work for many
> people all around the world. Of course, it is much nicer from an
> aesthetic point of view to have one object and by that get rid of
> redundant
> information too.
sure and programmer tend to want to have the "not invented here syndrom"
that is the curse with ldap schema and software.
> There have been other arguments around, like what happens if slapd
> crashes when half of the objects representing a single machine have
> been added to LDAP, (missing) atomicity of openldap and so on - I
> don't know if they expect to be taken seriously. The machine
> information in LDAP is something static and if you think you need to
> improve things perhaps better implement some LDAP server replication.
>
> Has the distribution of machine information to several objects been a
> problem with debian-edu in the past?
+1
> So as I point out from time to time: In my opinion, we as a project
> with rather limited manpower, we should really keep things as simple
> and mainstream as possible. There is still enough work left to spend
> our inventional energy on. So please think carefully if the price you
> pay by implementing a special way is justified. I guess we don't have
> the user base to make the world follow our better approach.
You have beaten me to it ;-) i fully agree with your explanations.
Debian-edu should not take is time to create a new schema and use the ones
published with each software, that would allow to use nice graphical
frontend for the end user managing debian-edu.
For example in the many university i came the want to use a frontend to
manage their growing ldap servers but forbid using non standard schema.
In this case debian Edu and is own schema who be forbidden and some other
solution would be used.
Please think in user level when discussing this and not in "geek mode"
Cheers
--
Benoit Mortier
CEO
OpenSides "logiciels libres pour entreprises" : http://www.opensides.eu/
Promouvoir et défendre le Logiciel Libre http://www.april.org/
Contributor to Gosa Project : http://gosa-project.org/
Reply to: