by Anonymous Coward writes:
on Sunday August 01, 2004 @10:56AM (#9857709)
Note that LDAP is fully capable of doing host name resolution; there's even an RFC for it (AFAIK the one that specifies how to store POSIX user info also specifies how to store host names). And in fact, DNS can be used for user details via Hesiod.
Both LDAP and DNS are hierarchical federated database systems. Personally, I find current LDAP implementations to be more manageable, better designed, and generally nicer (can set very fine-grained permissions) than current DNS implementations. A name system based on LDAP rather than DNS would be fully feasible and IMHO as or more globally scalable.
But we must distinguish between DNS-the-protocol and DNS-the-implementations - it would be possible to have the same piece of software answer both DNS and LDAP queries from the same database. Hey, hello Microsoft Active Directory! But MAD is nasty for other reasons - so where are the Open Source projects to provide a slapd plugin for DNS protocol lookup to OpenLDAP databases? It should actually be pretty simple, maybe it's so simple no-one is interested in hacking on it....
Argh. That page describes AWFUL KLUDGES (except for the name service switch, but that's not a solution for dns-the-protocol). One guy working on making BIND lookup in LDAP. Fine. Good. BUT THAT DRAGS IN THE WHOLE SORRY MESS OF BIND, THUS DEFEATING THE PURPOSE OF USING LDAP TO AVOID EVIL BIND. May the beige of the end times consume him.
The other guy working on making ldap2dns, a tool that spits out databases that tinydns can read. A little better, but NOW YOU'VE GOT ANOTHER LAYER OF SORRY-ASS CACHING IN ANOT
The DNS P2P-server/client system has been proven to be reliable, supporting the unified Internet namespace continuously for hundreds of millions of concurrent users, for many years. Regardless of the techniques used, can LDAP claim that kind of bulletproof track record?
The opulence of the front office door varies inversely with the fundamental
solvency of the firm.
"without DNS" = LDAP (Score:4, Interesting)
"without DNS" = LDAP-Google DNS. (Score:0)
"It should actually be pretty simple, maybe it's so simple no-one is interested in hacking on it...."
Or maybe they already have, and you just didn't look.
Re:"without DNS" = LDAP-Google DNS. (Score:0)
Re:"without DNS" = LDAP (Score:2)