LDAP Directory Technology Review

The implementation of all the software packages required for the proposed system took most of the development time, as the concepts behind the directory schema were not easy to understand, which resulted in many failed attempts to start the OpenLDAP server with a customised schema.

The first attempt to integrate all the software under the proposed management application was implemented on the Red Hat Linux 7.2 distribution, which comes with the OpenLDAP, Qmail, Bind, Apache, MySQL and PHP packages included and some of them installed by default.

After several attempts to force MySQL to authenticate against the user information held in the OpenLDAP I started thinking that it could be a compatibility issue caused by the Operating System and decided to format the hard-drive and install a Suse 7.6 distribution.

The problems persisted and PHP was very unstable on the Suse distribution, indicating a compatibility issue. Upgrading from PHP 4.3 to PHP 5 solved the stability problem but a solution for the MySQL authentication problem could not be found.

Due to time constraints and to my poor Linux administration skills the Linux platform was abandoned and I tried to install each software package on a Windows environment. The official site of the OpenLDAP project does not provide a Windows release of OpenLDAP, which was installed using a Windows-ported implementation from ILEX which also includes an installer.

This software failed to work on my system, even though the command prompt was indicating that the server was started and that it is fully operational. Several attempts to connect using a number of free and commercial LDAP clients and tools failed.

There is a distribution from Cyrus which was installed and initially failed to work because during the installation process I chose to install the software as a service and not as a standalone application.

In order to utilise the full extent of the technologies involved, the Windows XP operating system is poorly supported, as features available for Linux are not necessarily available for Windows. The Qmail software can not be installed on a Windows environment, however there is a plug-in available which includes a ready-made schema to be loaded into the OpenLDAP.

The schema file has all the entries and attributes required for Qmail to operate, thus the management system is not required to interact with the Qmail application at all, as the process to add a new email account for example is only involving the manipulation of the Qmail schema file to be loaded by OpenLDAP.

The OpenLDAP server can store all its data into a MySQL database using the Back-SQL module of the distribution, but authentication of MySQL databases through OpenLDAP was not possible, using the Operating System and Software combinations mentioned above.

A possible solution to this problem would be to develop a PHP Application which would execute Linux Shell commands and integrate a database management sub-system, similar to the one found on the Plesk Control Panel.