Carlo Prestopino wrote:
Hi all,
this is a “theoretical” post.
As written in the object: LDAP or mySQL in the backend for a remote
access control system?
I’ve seen that that for remote access control, e.g. Wi-Fi prepaid access
solution, it is widely used freeRADIUS+captive portal+mySQL.
There are several implementation of capitve portals, but they all do the
same thing: act as NAS towards RADIUS providing AAA attributes.
User data are stored in the backend in a database, but for usage
characteristics this database should be a directory server (LDAP
server); such a solution, in fact, requires features typical for a
directory server: optimization for read operation, distributed model for
storage of information, advanced search capabilities. So the best
solution should be LDAP (openLDAP) for users’ data and SQL (mySQL) for
accounting data (these data are overwritten so number of write
operations are almost equal to number of read operations).
Despite this, I’ve seen that LDAP is not widely used. Is this for its
complexity or are there deeper reasons that suggest to use SQL database
for both (user data, accounting) purposes? Does anybody have links that
might help to build a system made using this architecture?
I would suspect that the vast majority of the world won't deploy a
system large enough to tell the difference in performance between LDAP
and SQL so most make the decision in favor of the one they are most
comfortable with managing.
--
Lewis Bergman
Texas Communications
4309 Maple St.
Abilene, TX 79602-8044
Off. 325-691-1301
Cell 325-439-0533
fax 325-695-6841
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
