LDAP Naming Services Compared to Other Naming Services
The following table shows a comparison between the FNS, DNS, NIS, NIS+, and LDAP naming services.
|
|
DNS |
NIS |
NIS+ |
FNS |
LDAP |
|---|---|---|---|---|---|
|
Namespace |
Hierarchical |
Flat |
Hierarchical |
Hierarchical |
Hierarchical |
|
Data Storage |
Files/resource records |
2 column maps |
Multi— columned tables |
Maps |
Directories (varied) Indexed database |
|
Servers |
Master/slave |
Master/slave |
Root master/ non-root master; primary/ secondary; cache/stub |
N/A |
Master/replica Multi master replica |
|
Security |
None |
None (root or nothing) |
DES- Authentication |
None (root or nothing) |
SSL, varied |
|
Transport |
TCP/IP |
RPC |
RPC |
RPC |
TCP/IP |
|
Scale |
Global |
LAN |
LAN |
Global (with DNS)/LAN |
Global |
Using Fully Qualified Domain Names
Unlike NIS or NIS+ clients, an LDAP client always returns a fully qualified domain name (FQDN) for a host name. The LDAP FQDN is similar to the FQDN returned by DNS. For example, suppose your domain name is the following:
west.example.net |
Both gethostbyname() and getipnodebyname() return the FQDN version when looking up the host name server:
server.west.example.net |
Also, if you use interface-specific aliases such asserver-#, a long list of fully qualified host names are returned. If you are using host names to share file systems or have other such checks, you must account for the checks. For example, if you assume non-FQDNs for local hosts and FQDNs only for remote DNS-resolved hosts, you must account for the difference. If you set up LDAP with a different domain name from DNS, the same host might end up with two different FQDNs, depending on the lookup source.
Advantages of LDAP Naming Services
-
LDAP enables you to consolidate information by replacing application-specific databases, which reduces the number of distinct databases to be managed.
-
LDAP allows for more frequent data synchronization between masters and replicas.
-
LDAP is multi-platform and multi-vendor compatible.
Restrictions of LDAP Naming Services
Following are some restrictions associated with LDAP naming services:
-
Clients prior to Solaris 8 are not supported..
-
An LDAP server cannot be its own client.
-
Setting up and managing an LDAP naming services is more complex and requires careful planning.
Note –
A directory server (an LDAP server) cannot be its own client. That is, you cannot configure the machine that is running the directory server software to become an LDAP naming services client.
- © 2010, Oracle Corporation and/or its affiliates