LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Press page

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

LDAP Series Part II - Netscape Directory Server (Linux Journal)

[Posted October 2, 2006 by ris]

Tom Adelstein takes a look at the Fedora Directory Server. "If you wander on over to the Fedora Directory Server (FDS) site you can take a look at an enhanced version of the Netscape Directory Server. This isn't your older brother's directory server. Aside from open sourcing the Netscape server, you'll find an abundance of documentation to help you learn and operate a stellar product."
(Log in to post comments)

LDAP Series Part II - Netscape Directory Server (Linux Journal)

Posted Oct 2, 2006 20:16 UTC (Mon) by einstein (subscriber, #2052) [Link]

Looks nice - anybody know where there are suse packages of this available?

LDAP Series Part II - Netscape Directory Server (Linux Journal)

Posted Oct 3, 2006 6:34 UTC (Tue) by JoeF (subscriber, #4486) [Link]

I just hope this is better than the Netscape LDAP server of old. I worked with it a couple years back, and at that time, it was a PITA.

LDAP Series Part II - Netscape Directory Server (Linux Journal)

Posted Oct 3, 2006 12:40 UTC (Tue) by cpm (guest, #3554) [Link]

It's the same.

LDAP Series Part II - Netscape Directory Server (Linux Journal)

Posted Oct 3, 2006 14:31 UTC (Tue) by job (guest, #670) [Link]

Why was it a pain? I haven't tried Fedora DS, but it sure looks enterprisier than OpenLDAP. I do get some bad vibes from the installation described ("first disable SELinux, then install Apache (ouch extra daemon, extra maintenance), then install the deprecated parts of X, then install Java (...)", so I'm interested in your experiences.

LDAP Series Part II - Netscape Directory Server (Linux Journal)

Posted Oct 3, 2006 14:41 UTC (Tue) by JoeF (subscriber, #4486) [Link]

If I remember right, the UI used to be completely unusable. It took a very long time to set it up, and you had to know the underlying technology (which is/was OpenLDAP, btw) very well to make some sense of the UI.
Once it was set up, it worked ok, which is not a surprise, since it basically was just OpenLDAP.

LDAP Series Part II - Netscape Directory Server (Linux Journal)

Posted Oct 3, 2006 15:08 UTC (Tue) by joib (guest, #8541) [Link]

Yeah, that was basically my experience as well when I did a brief evaluation of it a month or two ago for the usual pam/nss stuff. The installation was pretty painful as the grandparent mentioned, and the oh-so-fabled admin console was, well, pretty underwhelming. And in the end I didn't get it to work properly anyway. So I installed OpenLDAP instead, which was pretty simple as it was integrated into the package management of my distro, and using some guides I googled up I got it running with TLS encrypted connections etc. pretty quickly. Haven't looked back since.

That being said, one very positive thing about fedora/rh DS is that it has pretty volumious documentation at http://www.redhat.com/docs/manuals/dir-server/ . So I think that once fedora ds integrates themselves better into the free software world (autotools, builds against current libraries instead of requiring various old ones, included in mainstream distros so it's easy to install etc.) it will be a very nice addition to the free software toolbox. But at the moment I think OpenLDAP is a better choice unless you really need some of the features openldap doesn't have.

LDAP Series Part II - Netscape Directory Server (Linux Journal)

Posted Oct 5, 2006 18:44 UTC (Thu) by jschrod (subscriber, #1646) [Link]

I have quite some experience with both Netscape Directory Server and OpenLDAP -- and they are not the same.

NDS stores its configuration completely differently, has much better scalability (try to make an OpenLDAP directory with 500.000 or 1.000.000 entries and make that run fast and reliably), replication works better (repair after failures), integration in meta directories and other directory services is better, etc. It is made for enterprise situations, though, for large companies with many offices/branches at several sites. Thus your basic home or SOHO installation might have problems to deploy it; for them OpenLDAP is better.

Basically, if one has only a few thousand entries, no scalability is needed, no clustering is needed, simple replication, no meta-directory integration, then OpenLDAP is the way to go. Otherwise, NDS is better. Or one might have a look at Novell's Directory Server, too, in that situation -- their management tools really shine.

Joachim

Copyright © 2006, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds