[Ldap-users-devel] Re: Ideas for new directions

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi Wil,

>Right.  And I'm trying to think broader than that--perhaps on the
>scale of something like NDS; basically, anything that can use
>LDAP for configuration I'd like to try to manage.  And perhaps
>managing different back-ends makes that out of the question;
>I'm going to code for LDAP and try to clearly separate out and
>LDAP-specific interface from a more generic interface, and make
>the CGIs themselves use only the generic interfaces.  (Actually,
>you've pretty much done that already.)
>
A user admin module that can use LDAP, Mysql or other back end for posix 
user profiles sounds great. You have a lot of common code and interface, 
and change just the back-end. Cool.

But I think anything above that will have the scale of another entirely 
new webmin. You can create a generic ldap browser and, using schema info 
from ldap v3, create pretty nice edit forms. The things these generic 
browsers cannot do made me create the ldap users admin -- the generic 
tools do not know Unix cannot handle duplicate uid and uidnumber 
atributes. It would not create the home dir for new users. And so on.

You'll end up with a tool that would need specific plug-ins that know 
the semantic of each object class you try to edit -- another webmin. Or, 
if you like it, another NWadmin, or another linuxconf, another Microsoft 
MMC, and the like.

Most Unix tools do not use LDAP yet, so your tool would not be as nice 
as webmin itself. I think today some more LDAP-aware modules for webmin, 
like mine, would be nice. Besides, I cannot see the value of another 
generic LDAP API on top of an API such as Perlldap. When we can have 
everything stored on LDAP, a lot of webmin modules that can handle this 
would be as good as NWadmin.

[]s, Fernando Lozano