| 1 |
I just wanted to correct a few misconceptions in the parent post. |
| 2 |
|
| 3 |
Adam Lantos wrote: |
| 4 |
|
| 5 |
> I personally prefer Ldap over mysql because of its optimized |
| 6 |
> performance, and scalability. |
| 7 |
|
| 8 |
LDAP-accessible directories (eg. OpenLDAP) tend to be heavily optimized |
| 9 |
for read operations, with a corresponding performance hit for writes. |
| 10 |
Compare this with Relational Database Management Systems (RDBMS), such |
| 11 |
as MySQL, which are optimized for both reads and writes. The other main |
| 12 |
difference is the data model - LDAP uses an object model, while RDBMS' |
| 13 |
use a relational model (obviously). |
| 14 |
|
| 15 |
Personally, I choose LDAP for user/group information, address books, |
| 16 |
etc, while print accounting and other usage data goes in a relational |
| 17 |
database. OpenLDAP supports a wide range of backends, including MySQL, |
| 18 |
so it's possible to provide an LDAP-interface to your RDBMS. |
| 19 |
|
| 20 |
> Ldap is stable enough, and it's much |
| 21 |
> more secure than mysql (using TLS for connections, you can set ACLs). |
| 22 |
|
| 23 |
MySQL and most other RDMS' support TLS and/or SSL-secured connections, |
| 24 |
as well as fine-grained permissions. |
| 25 |
|
| 26 |
> You can store virtually anything related to users without bothering |
| 27 |
> with database schemes - quotas, email accounts, database |
| 28 |
> configurations, apache configuration and so on... |
| 29 |
|
| 30 |
LDAP has objectClasses and schema checking. |
| 31 |
|
| 32 |
> Ldap is faster too because of the binary database backend it uses. |
| 33 |
|
| 34 |
MySQL and most other RDBMS' use binary backends too. |
| 35 |
|
| 36 |
> And much more tools |
| 37 |
> support Ldap, so you can use one password to sftp, one password to |
| 38 |
> apache htaccess, ... easier than with mysql. |
| 39 |
|
| 40 |
As long as the services support PAM, it's just as easy to use an LDAP |
| 41 |
backend as it is to use MySQL. |
| 42 |
|
| 43 |
> -FTP is insecure, because it sends the password in plaintext. |
| 44 |
|
| 45 |
Newer FTP servers (eg. vsftpd) and clients support SSL. |
| 46 |
|
| 47 |
Cheers |
| 48 |
|
| 49 |
Andrew |
Archives