[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Need in Extremadura for LDAP admin interface

On 14. feb. 2011 16:40, José L. Redrejo Rodríguez wrote:
> El dom, 13-02-2011 a las 21:05 +0100, Jonas Smedegaard escribió:
>> On Sun, Feb 13, 2011 at 04:17:44PM +0100, José L. Redrejo Rodríguez wrote:
>>> Our servers still remain in lenny and our plans to move to squeeze (or 
>>> wheeze) include the development of a lwat replacement. We need to 
>>> develop it to fit our needs as we have to create accounts massively 
>>> every beginning of the course using as source an external application 
>>> where our ministry manages all the educational data for every citizen. 
>>> So, neither gosa, cipux or lwat can fulfill our needs, and a custom 
>>> development is the only solution I can see.
>> Could you elaborate some more on your needs for LDAP admin interface?
> Aproximately, exactly the same as lwat provides, including its
> simplicity and easy of use. I'd only add the massive account creation,
> as I've described in #602863

Do you really want to have dns in ldap ?
In a large environment, I would prefer dns in flat files, and dhcp in ldap.

> In the past I was doing something similar with lwat, but there were some
> bad implications. As an example lwat stores in its configuration the
> last used uid, instead of searching it dinamically in the ldap database,
> so sometimes there are database corruptions if other tools are used to
> create accounts.

hmm. the nextGID that is stored in ldap is only a fast-way to get the
next assumed availible (G)ID. If it's already used, lwat should
automaticly search for a free (g)id and use that one. The reason to use
this, is to speed up the search for the next(g)id. If you have a large
db you may also get an error of you are not able to fetch all (dont
remember now..)

>> Therefore: Please do describe in more detail what it is you need in 
>> Extremadura - to inspire those working on CipUX, GoSA or other LDAP 
>> tools, to help tune inot such kind of large-deployment needs (and 
>> perhaps even offer solutions concretely!).
> As I've commented about, lwat fulfilled the needs quite well, except by
> its bugs. We don't need a bloated tool, just create and modify user
> accounts and machine groups from the admin point of view, and changing
> passwords for the end user interface. No more, no less.

Thanks. Mission acomplished  (almost).

If lwat creates  duplicate id's then it's a bug. I have not seen such a
bug report.

// faj

Reply to: