[TriLUG] LDAP schema question

Ryan Leathers ryan.leathers at globalknowledge.com
Thu Jul 13 15:41:50 EDT 2006 

This is not a "how do I make slapd work" question.
I'm confused about how to align the data I care about with a schema.

When do you write your own schema?  Can you get away with stuffing data
into existing schema attributes even though it might not be a perfect
fit?

Let me explain...

I have a lab reservation system.  It reserves groups of resources at a
time.  We call these groups of resources pods.  In the LDAP schema,
there is already an OU for each pod, and when the reservation is set up,
the user's login is placed under that OU. 

What we want to do is to store several application objects that
represent the commands (Linux command lines) pointing to all the
resources represented by the pod.  

We know how to create a flat file for this, query it, and construct the
user’s portal interface that way.  We'd prefer to use LDAP to store the
application objects instead.  Since the application information for a
pod is static, LDAP is ideally suited to hold it, performance-wise.

An example of this might be:

Pod P1 has three devices D1, D2, D3
It also has three applications A1, A2, A3  
Application A1 is invoked as connectTelnet –pod P1 –device D1
Application A2 is invoked as connectTelnet –pod P1 –device D2
Application A3 is invoked as connectTelnet –pod P1 –device D3

So what needs to be stored is the pod OU P1, and under it, three
applications called A1, A2 and A3 respectively, each containing its own
command line and possibly some descriptive text, though that would not
be strictly necessary.


Now here is where we are unsure of how to proceed...

LDAP schemas already have an applicationEntity object, but this seems to
be an X.500 specific schema for an OSI layer 7 application.  As such,
the simple Unix command line I am trying to use to represent
applications, might not fit... or does it?  The fear is, if we try and
use this in error, it may collide with some other future LDAP-based
system, or it may be misinterpreted by someone in the future as a true
OSI application entity and just cause confusion.

The question is: does the applicationEntity object have any potential
for use here, or is there a schema designed to support the “command
line” type of application object fitting what is described above?

Should we create a custom LDAP schema? I'd like to avoid that unless its
truly necessary.

If we don't decide on the right way to do this in LDAP soon, we may just
build this in a flat file as it seems the simplest way to go with no
room for unforeseen troubles down the road.

Thanks in advance for your input

Ryan

More information about the TriLUG mailing list