BozemanLUG - After the meeting
Just wanted to thank David Boreham again for the presentation he did on Fedora Directory Server. 15 people (including myself and David) attended the meeting... which is the highest turnout we have had in a very long time... although I believe we easily have the potential for 3 times that number. I *SHOULD* have brought a camera and taken a few pictures but I didn't.
Birth of LDAP
David started off the presentation by explaining that quite a bit of the most recent development work on FDS (aka Red Hat Directory Server) was actually done here in Montana... by David and people who work for him. It was incredibly interesting to have an actual developer give a presentation and David has a long history in the industry and was able to give us a first-hand introduction into the birth of the ITU's X.500 protocol and how it was later scaled down and adapted to work over TPC/IP as LDAP by Tim Howes of the University of Michigan.
David then explained what LDAP was good for and what it wasn't so good for.
History of Fedora Directory Server
Since FDS is the continuation of the product formerly known as Netscape Directory Server and was aquired by Red Hat on June 1, 2005, David went over some of the history of the product and where it stands today.
For the rest of the story, click on the read more link below...
Oddly enough, Netscape Directory Server inherited from the University of Michigan base... which is also the base for OpenLDAP. When Netscape/AOL sold NDS to Red Hat they somehow also sold it to Sun Microsystems and it became the base for their product as well. David said that Sun had considering open sourcing their product but Red Hat beat them to it and they didn't see any sense in having two products that inherited from the same trunk (NDS) being open sourced.
David brought a laptop running Microsoft Windows and used PowerPoint... so getting a little razzed by the audience was unavoidable... BUT he had VMware Server on it with two Fedora Core 6 installations both running Fedora Directory Server. Each FC6 machine had FDS installed and was setup to be a multi master for replication.
He used the Java-based Administrative Console to access the servers and to modify records and showed how changes were automatically and instantly replicated across servers. He also had one of the Fedora machines set up to authenticate via LDAP and showed that it worked.
We then talked about how well FDS was integrated with Red Hat Enterprise Linux (not at all) and as a result that every FDS/RHDS deployment was custom and individualized to an application or environment.
David talked about how well tested, stable, robust, and documented FDS is and reviewed all of the other open source directory servers (ApacheDS, OpenDS, and OpenLDAP). He talked about how difficult it was to get Multi-Master Replication implimented and stable... and how various implimentations by commercial directory server products were a patent mindfield.
David fielded quite a few questions and his answers always included interesting story-behind-the-story comments. We talked about the Samba4 development and how it had its own LDAP server and the problems with that.
David also showed us one other GUI LDAP management tool (I can't remember the name of it but it was Java-based and had a J at the beginning of the name) that was very similiar to the Administrative Console that comes with FDS but it wasn't quite as pretty.
Things I learned
- Berkeley DB was originally created just for LDAP
- FDS uses Berkeley DB as its backend
- Getting Multi Master Replication working and stable takes a lot of work and money
- FDS is written mostly in C but different pieces of it are written in a wide variety of languages
- The Administrative Console works best with Sun's JRE
- There are commandline apps to do everything if you prefer that or want to write scripts that use them
- I want to give FDS a try at work
David stated that Fedora Core 6 has a jre package from Sun Microsystems that allows the Administrative Console to run... and we did an
rpm -qi jre and saw that indeed it was there... but when I got home I couldn't find a trace of such a package in any of my repositories... so I'm going to assume it was installed as part of FDS?!?
After the Presentation
The meeting then broke down into various member to member converstations and we didn't end up leaving the building until a little after 10PM.
Chad Bohannan had a Sharp Zaurus (running Linux) with addon wireless NIC and Ken Dyke brought his Nokia 770 Internet Tablet (also running Linux) so there was quite a bit of discussion about these two devices.