Date: Tue, 5 Jun 2001 16:20:29 -0700 From: "Sean Knox" <wintermage@home.com> To: "dannyman" <dannyman@toldme.com> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: LDAP support: iPlanet or OpenLDAP? Message-ID: <OE17yj5oRdtLLVTnE9Q0000b86a@hotmail.com> References: <OE161o8yfogkJXrRjbD0000a904@hotmail.com> <20010605160736.F20416@dell.dannyland.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for the great information regarding LDAP. I too did realize [after posting] that iPlanet is not available for FreeBSD. I did try installing Netscape DS on a Win2k box... the install wouldn't even work correctly so I got over it. As I do have some new SunBlades I could install iPlanet on, I was really planning on running FreeBSD for the mail server. You mentioned replacing your current LDAP solution with OpenLDAP... any gotchas thus far? conventional wisdom you can share? I completely agree about the need to just dive into LDAP to understand it all...I have a copy of Mark Wilcox's "Implenting LDAP" which I am still reading, as well as combing through the FAQs and doc's on www.openldap.org. Any books you suggest picking up? Fortunately, everyone in the company is very supportive of my research with UN*X and are waiting for me to replace the current IS manager's NT based network with FreeBSD/OpenBSD. :) Sean ----- Original Message ----- From: "dannyman" <dannyman@toldme.com> To: "Sean Knox" <wintermage@home.com> Cc: <freebsd-questions@FreeBSD.ORG> Sent: Tuesday, June 05, 2001 4:07 PM Subject: Re: LDAP support: iPlanet or OpenLDAP? > On Sun, Jun 03, 2001 at 06:58:40PM -0700, Sean Knox wrote: > > In a previous thread, someone mentioned they prefered iPlanet's LDAP > > implentation over OpenLDAP. Can anyone elaborate on this? I'm > > currently researching which version to implement with some Exim mail > > servers here at work, and would appreciate some feedback. > > Last I checked, iPlanet is not available for FreeBSD, nor would one > expect it to be given the partnership with Sun. > > iPlanet is reputed to perform very well, and implement more of LDAPv3 > than OpenLDAP. > > My experience with Netscape DS is running it on NT through this cursed > java console with the most horrible UI ever designed by humanity, and it > randomly flaking out, thanks in no small part to dssynch.exe, which > syncronizes users and passwords betwixt your directory and your NT 4 > domain. > > I also had a bitch of a time setting it up when I was new to LDAP, threw > up my hands in frustration, making dirty words. After staying up all > night one of our former-Netscape whiz kids managed to get it running. > The greatest piece of wisdom another former Netscape person who had > wrestled with it in their previous employment could give me was to "turn > schema checking off." > > I'm replacing the current LDAP implementation with OpenLDAP. > > I have talked to one person in my time who says that he likes the > iPlanet IMAP server he has running on one of his Sparc boxen. > > IMO, LDAP is not for the faint of heart, assuming you want it to do > ANYTHING more than just publish a telephone directory. You really need > to swallow the red pill and start reading RFCs and books and things and > testing things and fending off your NT admin manager meekly suggesting > that if we just replaced everything with Microsoft Windows 2000 Active > Directory Services for Unix it might just all work out. > > -danny > > -- > http://dannyman.toldme.com/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?OE17yj5oRdtLLVTnE9Q0000b86a>