Yes, I am trying to configure my entire system using LDAP as
a backend.
If there any bugs in the ldap server I will probably fix them or
better yet the people working on openldap will fix them.
I know about the issues that you are describing which is why I am
targetting one daemon dhcpd and hopefully I will solve them.
cross-validation of data should be easy to implement for instance I can
locate all
the ip assigned addresses:
/usr/local/openldap/bin/ldapsearch "objectclass=DHCPRange"
DHCPRange=star-gate.com, o=star-gate.com, c=us
objectclass=top
objectclass=DHCPRange
startipaddress=172.16.0.2
endipaddress=172.16.0.255
scopetype=DHCP
Record locking and batch requests is a bit more difficult to solve perhaps
someone in the list can shed light into this problem for instance does
LDAPv3 provide such mechanism?
Tnks!
>
> Are you trying to configure your entire system using LDAP as the database
> backend, or are you trying to serve current system info?
>
> If you are trying *configure* the system using LDAP as a database, then
> good luck. Our company, Cybernet Systems, has spent over ten man-years
> developing a HTML-based front-end for just such a purpose. When we (I)
> first started this project (NetMAX, http://www.netmax.com/), we evaluated
> LDAP as a backend. I found it too buggy (at the time) for our purposes.
> Does it implement record locking on read/write? Does it allow you to
> "batch" your changes? Does it provide for server start/restart when
> appropriate? Can you do cross-validation of data, for example, can you
> make sure that you give the DHCP server an IP address that is not already
> taken, or make sure that it is in one of your subnets?
>
> There are lots and lots (gobs!) of these kinds of checks that need to
> be done for a "complete" system configuration service.
> If it doesn't daemon restarts, batch-mode changes, and system checking/cross-
> validation, then you'll probably end up with something similar to
> webmin (http://www.webmin.com/).
>
>
> <PLUG>
> You could easily spend years making a complete interface to setup your
> server, or you could purchase the NetMAX software (about $500, see
> http://www.netmax.com/). A FreeBSD 3.2 version is in-the-works (a
> 2.2.7-system/2.2.8-kernel is currently available). Also, a Linux version
> (based on RedHat 5.2 with a 2.0.37 kernel) is currently in beta (the
> distributed beta is a 2.0.36 kernel, though).
> </PLUG>
>
>
>
> -Mark Taylor
> NetMAX Developer
> [EMAIL PROTECTED]
> http://www.netmax.com/
>
>
>
> On 04-Jul-99 Amancio Hasty wrote:
> >
> > I am playing around with configuring the system and providing a CLI ,
> > programmatic interface and a html interface .
> >
> >
> > Floating in my mind is to present a uniform configuration repository similar
> > to windows registery however the information repository is implemented
> > with LDAP. See http://www.openldap.org for info on LDAP.
> >
> > The tough part is creating the LDAP schemas for the various daemons
> > or services.
> >
> > Got lucky and found an IETF draft :
> >
> > An LDAP Schema for Dynamic Host Configuration Protocol Service
> > http://www.ietf.org/internet-drafts/draft-gu-dhcp-ldap-schema-00.txt
> >
> > I am using the above draft to explore configuring dhcpd. My first cut at
> > configuring dhcpd via LDAP is to extract all the configuration information
> > from the LDAP server and writing the information to dhcpd's configuration
> > file and then have dhcpd parse the configuration file. This approach
> > minimizes the changes to dhcpd and provides persistent configuration
> > information for dhcpd.
> >
> > The start of my html interface is at:
> >
> > http://www.star-gate.com/dhcpd.html
> >
> > Thats just a dummy front end . The real interface is being implemented as a
> > servlet
> > and will provide a more rich presentation --- help files , How To, etc...
> >
> > The CLI interface can be as easy as using the existing ldap shell tools.
> >
> > The programmatic interface is simply the LDAP C and Java interface available
> > from : http://www.mozilla.org/directory
> >
> > So far I have a simple ldap schema based upon the IETF draft which I can
> > manage from my servlet and query from dhcpd.
> >
> >
> > What do you guys think?
> >
> >
> > --
> >
> > Amancio Hasty
> > [EMAIL PROTECTED]
> >
> >
> >
> >
> > To Unsubscribe: send mail to [EMAIL PROTECTED]
> > with "unsubscribe freebsd-current" in the body of the message
>
--
Amancio Hasty
[EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
