• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Maintaining LDAP

 
Ranch Hand
Posts: 123
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
WE are going to register 2500 users in LDAP. So tools for maintaing this seems to be mandatory.
Please give me som hints about it
 
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can use a free product such as open ldap or buy one commercial product such as Iplanet directory server.
Just for 2500 though, I am not sure if LDAP is really required. You have to build API's to read/write and maintain security/administration.
 
Author
Posts: 27
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Tom,
There are really two ways to go about this depending on whether you're looking ONLY at managing LDAP directories or if you plan to manage LDAP along-side other identity repositories.
In the first case, there are a number of free web-based administration tools, many PHP-based and easy to change. There are also commercial tools for this from vendors like Calendra and Oblix that specialize in LDAP administration and offer better workflow capabilities than some of the free stuff out there.
In the later case, you might be able to script the integration you need, but for more complex environments I'd certainly look into full-blown provisioning software. This may be overkill in a 2,500 user environment unless those users have access to a lot of different systems that don't use the same identity repository. Vendors like Business Layers and Waveset do a good job of giving you centralized control over the hire/retire process, have good workflow, and are very directory-centric in their architecture.
If you're just looking to import users, it certainly would be possible using Perl or other scripting languages to convert a table of users from a spreadsheet or other similar data file into an "LDIF" (LDAP Data Interchange Format) file that can be fed into a server via standard LDAP tools that come with most distributions. My book actually has a chapter that covers exactly such a process.
Clayton
[ March 17, 2003: Message edited by: Clayton Donley ]
 
reply
    Bookmark Topic Watch Topic
  • New Topic