1 |
I just wanted to correct a few misconceptions in the parent post. |
2 |
|
3 |
Adam Lantos wrote: |
4 |
|
5 |
> I personally prefer Ldap over mysql because of its optimized |
6 |
> performance, and scalability. |
7 |
|
8 |
LDAP-accessible directories (eg. OpenLDAP) tend to be heavily optimized |
9 |
for read operations, with a corresponding performance hit for writes. |
10 |
Compare this with Relational Database Management Systems (RDBMS), such |
11 |
as MySQL, which are optimized for both reads and writes. The other main |
12 |
difference is the data model - LDAP uses an object model, while RDBMS' |
13 |
use a relational model (obviously). |
14 |
|
15 |
Personally, I choose LDAP for user/group information, address books, |
16 |
etc, while print accounting and other usage data goes in a relational |
17 |
database. OpenLDAP supports a wide range of backends, including MySQL, |
18 |
so it's possible to provide an LDAP-interface to your RDBMS. |
19 |
|
20 |
> Ldap is stable enough, and it's much |
21 |
> more secure than mysql (using TLS for connections, you can set ACLs). |
22 |
|
23 |
MySQL and most other RDMS' support TLS and/or SSL-secured connections, |
24 |
as well as fine-grained permissions. |
25 |
|
26 |
> You can store virtually anything related to users without bothering |
27 |
> with database schemes - quotas, email accounts, database |
28 |
> configurations, apache configuration and so on... |
29 |
|
30 |
LDAP has objectClasses and schema checking. |
31 |
|
32 |
> Ldap is faster too because of the binary database backend it uses. |
33 |
|
34 |
MySQL and most other RDBMS' use binary backends too. |
35 |
|
36 |
> And much more tools |
37 |
> support Ldap, so you can use one password to sftp, one password to |
38 |
> apache htaccess, ... easier than with mysql. |
39 |
|
40 |
As long as the services support PAM, it's just as easy to use an LDAP |
41 |
backend as it is to use MySQL. |
42 |
|
43 |
> -FTP is insecure, because it sends the password in plaintext. |
44 |
|
45 |
Newer FTP servers (eg. vsftpd) and clients support SSL. |
46 |
|
47 |
Cheers |
48 |
|
49 |
Andrew |