LDAP versus Database for Query


LDAP is often praised as being more efficient for user authentication than databases - i.e. via quicker look-up.

For our tiny college - we have had an LDAP directory for the last two years. We have some issues with LDAP connection - i.e. the iPlanets that we have occasionally stop working for unknown reasons. Sun is following this up.

I have been thinking if we should not go back to using a database - it will have the username and encrypted passwords of student/staff/faculty etc. that are allowed to access the library and other stuff. Currently the info is replicated from our database to the LDAP - and only the LDAPs are queried.

Is going back to a database a good step?

Don Quixote
Wednesday, June 16, 2004

Why not use another LDAP vendor?  Otherwise you'll have to change all the clients that use the LDAP.

Bill Rushmore
Wednesday, June 16, 2004

Here are some questions to ask:

1) Are we doing lots of single-user queries (e.g. authentications, white-pages lookups of phone numbers)?

2) Are we over 10:1 ratio of reads-to-writes?

3) Do we have only rare referential integrity issues with the user data (e.g., inetOrgPerson ==> groupOfNames)?

If you answered yes to all three, you probably want to stick with LDAP.  It's the unchallenged standard for a "security infrastructure hub".

If you answered no to all three, then a database probably will fit the bill.

If you're in the middle somewhere and can't make up your mind, email me.

If your budget is limited, check out slapd (  Otherwise, IBM SecureWay and Critical Path's directory server are extremely reliable, in my experience.
Wednesday, June 16, 2004

OpenLDAP is awesome.  You don't need a commercial LDAP.

The LDAP protocol is going to be supported by many products for authentication, and will fit better in a middleware strategy than some homegrown database solution.  Just don't try to use a directory for something it's not meant to be.

Wednesday, June 16, 2004

