On 2/7/2014 05:49, Andrey Repin wrote:
LDAP IS simple.
Anything tied to a PKI is going to be pretty complex, no matter how
simple the underlying tech is.
Then there's the fact that LDAP derives from X.500, a prototypically
overengineered OSI emission. DC=my,DC=sub,DC=domain,DC=com. P'tui!
It's a shame it is so little known outside specific circles.
I blame the books.
Several years ago, I bought most of what was available, since we needed
to do user authentication against an existing AD system in a custom
software system, to avoid parallel user management.
The most useful book I found was "LDAP: Programming Directory-Enabled
Applications with Lightweight Directory Access Protocol", by Howes and
Smith, since it covers things from the C API level upward. Most other
LDAP books either don't cover the programming level at all, or mention
it briefly on their way down from the directory service level.
The thing is, the book was written way back in 1997, before OpenLDAP was
forked from the umich LDAP reference implementation. A huge number of
the things the book says no longer applies because the API has changed
out from under it. Many of the examples that do still work give
deprecation warnings, or need to be compiled with -D flags to re-enable
APIs that are marked for deprecation.
I did a search on Amazon, sorting all LDAP books by release date. The
newest one that covers programing looks to be Howes & Smith's other
book, "Understanding and Deploying LDAP Directory Services" (coauthored
with Good) which came out in 2003.[1] The book primarily covers
administration of the Netscape (!) Directory Server. It does cover LDAP
programming in a couple of chapters spanning 150 pages, but most of the
examples are in Java. There is a touch of C and Perl, only. Even if
you count all the code samples together and ignore the language and API
differences, you can't call this anything but a whirlwind overview of
LDAP programming.
"Mastering OpenLDAP" is billed as "for developers", but there isn't a
line of C code in the book. (Or any other programming language,
really.) It's a sysadmin book.
It's not even the case that all the teaching material has moved online.
The OpenLDAP programming manual is a pile of man pages.[2] Man pages
are great, but go toss a neophyte into that pile and see if she doesn't
come out welted, weary and wincing.
Given this, it's no wonder those who can write LDAP based software are
seen as a kind of elite. Acquiring a working knowledge of LDAP
programming is akin to a baleen whale feeding itself.
----------
[1] Amazon claims it was updated in 2013, but it's just a paperback
re-issue of their 2003 hardback title.
[2] http://goo.gl/gE2e6P
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple