On Feb 13, 2008, at 11:32 AM, Mike McGrath wrote:
Well, over time its become clear that LDAP is just not very good at
groups as we want it to do. We need to have people self-add
groups, track when they were added, who added them. People can have
different access levels in the group (unapproved, user, sponsor,
LDAP is very geared towards what most people need (someone in charge
group and adding people to that group). In an open environment like
we need the whole application process. Its not that LDAP is bad,
the right tool for the job.
Thoughts? Comments? Concerns?
Will using Postgres as the back-end and LDAP as a middle piece work
with FAS2? Perhaps using LDAP to integrate with NSS and other 3rd
party apps, but just for authentication/authorization (read access).
Right now I'm using LDAP as my primary data store for our Library
systems at OSU, but I'm considering moving to a tiered LDAP+SQL
system, so if there are reasons why it doesn't work well I'd be
especially happy to hear about them. :-)
Ryan Ordway E-mail: rordway(a)oregonstate.edu
Unix Systems Administrator rordway(a)library.oregonstate.edu
OSU Libraries, Corvallis, OR 97331 Office: Valley Library #4657