LDAP Naming Service Versus Other Naming Services
Below is a quick comparison between FNS, DNS, NIS, NIS+ and LDAP naming services.
|
|
DNS |
NIS |
NIS+ |
FNS |
LDAP |
|---|---|---|---|---|---|
|
NAMESPACE |
Hierarchical |
Flat |
Hierarchical |
Hierarchical |
Hierarchical |
|
DATA STORAGE |
Files/ resource records |
2 column maps |
Multi columned tables |
Maps |
Directories [varied] Indexed database |
|
SERVERS |
Master/slave |
Master /slave |
Root master/ non-root master; primary/ secondary; cache/stub |
N/A |
Master/replica Multi master replica |
|
SECURITY |
none |
None (root or nothing) |
DES Authentication |
None (root or nothing) |
SSL, varied |
|
TRANSPORT |
TCP/IP |
RPC |
RPC |
RPC |
TCP/IP |
|
SCALE |
Global |
LAN |
LAN |
Global (with DNS)/LAN |
Global |
Using Fully Qualified Domain Names
One significant difference between an LDAP client and a NIS or NIS+ client is that an LDAP client always returns a Fully Qualified Domain Name (FQDN) for a host name, similar to those returned by DNS. For example, if your domain name is
west.example.net |
both gethostbyname() and getipnodebyname() return the FQDN version when looking up the hostname server.
server.west.example.net |
Also if you use interface specific aliases like server-#, a long list of fully qualified host names is returned. If you are using host names to share file systems or have other such checks you need to account for it. This is especially true if you assume non-FQDN for local hosts and FQDN only for remote DNS resolved hosts. If you setup LDAP with a different domain name from DNS you might be surprised when the same host has two different FQDNs, depending on the lookup source.
Advantages of LDAP Naming Service
-
LDAP gives you the ability to consolidate information by replacing application-specific databases; reduces the number of distinct databases to be managed
-
LDAP allows for more frequent data synchronization between masters and replicas
-
LDAP is multi-platform and multi-vendor compatible
Disadvantages of LDAP Naming Service
The following are some disadvantages to using LDAP instead of other naming services.
-
There is no support for pre-Solaris 8 clients
-
An LDAP server cannot be its own client
-
Setting up and managing an LDAP naming service is more complex and requires careful planning
Note –
A directory server (an LDAP server) cannot be its own client. In other words, you cannot configure the machine that is running the directory server software to become an LDAP naming service client.
- © 2010, Oracle Corporation and/or its affiliates