From Fedora Project Wiki

LDAP Backend versus SQL Backend

This page is consolidating comments made so far on an LDAP backend versus a SQL backend and even the possibility of using both. Hopefully this will make it easier to weigh the pros and cons without having to search through email archives to see who thinks what. The fedora-infrasructure-list is still the best place for discussion on this topic.

Comments and Current Lean

Lists the name of person followed by the direction they currently lean (LDAP, SQL, LDAP+SQL) and a link to the list archives with their thoughts. Comments from some discussion in #fedora-admin are also included where relevant.

Curt Moore

Currently Leans: LDAP

Toshio Kuratomi

Currently Leans: SQL

Elliot Lee

Currently Leans: SQL

IRC Comments

< Sopwith> I hate LDAP because SQL does everything I need and is a lot more powerful, and I know it well

< Sopwith> (One drawback of SQL that I know of - I'd trust a public LDAP server but not a public SQL server)

< Sopwith> (Important if we want to start having seth's machines use the account system directly)

< Sopwith> If I knew that LDAP had a nice query language that let me do table joins and query constraints and such, I'd be much more into it.

< Sopwith> To me, LDAP is just another database, and as a database it doesn't seem attractive. I don't care about the tools on top because I don't think they can be easily customized to meet our needs (e.g. how many LDAP directories allow multiple e-mail addresses per account?)

Karel Zak

Currently Leans: SQL

Jeffrey Tadlock

Currently Leans: LDAP (changed from original email)

Jonathan Steffan

Currently Leans: LDAP

Michael McGrath

Currently Leans: LDAP

IRC Comments

< mmcgrath> I only bring up LDAP because there's lots of management tools out there for user administration already. We won't have to code that much extra stuff.

< mmcgrath> The nice thing about LDAP is that lots of stuff works well with it, Shell access, Apache, many web apps.

< mmcgrath> Sopwith: I've been going back and forth on LDAP vs PGSQL.

< mmcgrath> I have to admit right now LDAP just 'seems' like the right idea but it might be an overkill for what we need.

< mmcgrath> I guess in the end thats why I'm pusing for LDAP, all the user/password/group/shell management stuff is already there.

< mmcgrath> but I'll admit the more we talk about it the less clear of a winner LDAP becomes.

Dennis Gilmore

Currently Leans: LDAP+SQL

Patrick Barnes

Currently Leans: LDAP+SQL

IRC Comments

< nman64> BTW, this would be another reason to make the Account System use LDAP: easy integration with Plone so that contributors need one less account.

< nman64> I'm reluctant to give up on PostgreSQL myself. I've always been a SQL person, and have barely used LDAP, but there are some advantages that can't be ignored.

Tom Lynema

Currently Leans: SQL