Deploying OpenLDAP [Paperback]

Tom Jackiewicz (Author)

Book Description

ISBN-10: 1590594134 | ISBN-13: 978-1590594131 | Publication Date: October 29, 2004 | Edition: 1

LDAP, or Lightweight Directory Access Protocol, is a directory management system/database that simplifies life for anyone managing a network with more than 50 users. While Sun and Microsoft have created their own versions of LDAP, OpenLDAP is freeware that is available for use and redistribution to the programming community.

For all the work and time invested in using LDAP, not enough time has been spent designing the layout and the logic of directories. End users and system architects often don’t give appropriate attention to the deployment of LDAP as a standards-based system with interfacing ability. Thus, many of LDAP’s best features - especially OpenLDAP - become unusable. As a remedy, deploying OpenLDAP delves into the logic, theories and fundamentals of directories. This book surpasses "what is", and instead shows system administrators "how to." A good resource for learning more is www.openldap.org.

Editorial Reviews

About the Author

Tom Jackiewicz is currently responsible for global LDAP and email architecture at a Fortune 100 company. Over the past 12 years, he worked on the email and LDAP capabilities of the Palm VII, helped architect many large scale ISP's servicing millions of active email users, and audited security for many Fortune 500 companies. Jackiewicz has held management, engineering, and consulting positions at Applied Materials, Motorola, and Winstar GoodNet. Jackiewicz has also published articles on network security and monitoring, IT infrastructure, Solaris, Linux, DNS, LDAP, and LDAP security. He lives in San Francisco's Mission neighborhood, where he relies on public transportation plus a bicycle to transport himself to the office-fashionably late.

Product Details

• Paperback: 344 pages
• Publisher: Apress; 1 edition (October 29, 2004)
• Language: English
• ISBN-10: 1590594134
• ISBN-13: 978-1590594131
• Product Dimensions: 9.1 x 7 x 1 inches
• Shipping Weight: 1.5 pounds (View shipping rates and policies)
• Average Customer Review: 3.1 out of 5 stars  See all reviews (11 customer reviews)
• Amazon Best Sellers Rank: #1,420,672 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

31 of 31 people found the following review helpful:

1.0 out of 5 stars A book should be written with lots of sweat, December 27, 2005

By 

Yong Huang (Houston, TX USA) - See all my reviews

This review is from: Deploying OpenLDAP (Paperback)

This is a book produced by merging numerous publicly available materials without too much input from the author. The author seems at a loss what to say when the good stuff is already said by others (other than changing "does not" to "doesn't", etc). Here're some suggestions, in case he plans to write a new edition. For instance, p.77, the first two search filter examples are too easy. But the third one needs a few seconds' thinking. Why not keep building progressively more complicated filters? They would be guaranteed not to be in existing materials. p.144, ACI parameter realm suddenly appears. This "realm" sounds different from that in SASL (p.98 and p.115). But "realm" is never explained anywhere in the book. There're other terms that mean differently but are not explained, such as NSS (p.136 for "Network Security Services" and p.249 for "Name Service Switch"). There're other places in the book that mention something only explained in later chapters, but they're not warned with "We'll explain this in Chapter XXX". The reason is simply that he copies a man page or somebody's article without thinking of adding anything to it. Arrangement of the text is sometimes unexpected. After about 20 pages of Perl methods copied from documentation, p.164 suddenly shows a program in C, not Perl.

This 2005 book discusses technologies of as early as 1998 (not in history section). It may be true that AuthLDAP and TransLDAP modules are not updated since then and C. Donley's web site is gone (pp.264-8). But a responsible book author should tell us anything new around this technology. You shouldn't duplicate Mr. Donley's 1998 article with no comments (and no credit).

In my opinion, if a computer book author dares to list source code, he must add valuable comments, regardless whether the source code already comes with good comments. No need to explain code line by line. But the comments must be insightful. If you don't have any, omit the publicly available code, or readers would wonder if the code is too difficult for you.

Think why most of O'Reilly's books are a success. Take "Sendmail" and "Programming Perl" as examples. The "Sendmail" tome is the easiest to be written as a reprint of documentation. But why do we not have that feeling? Because the authors constantly add text not in documentation, such as if you do this, you would get this error and the solution is such and such. "Programming Perl" does a great job at throwing in real working examples full of wisdom. Documentation can't present too many real-life examples, but a book can and should. If you personally don't have that much experience, gather them from public forums. Be careful though. Don't just copy. Verify, research and add valuable insight. A book author must be an expert in the field.

Lastly, Apress has a Submit Errata page, but they don't send even an auto-reply when you submit one. They don't have View Errata. Tech support doesn't respond. So I'm posting my own Errata at http://rootshell.be/~yong321/computer/bookreview.html#DeployingOpenLDAP (mirrored at stormloader.com/yonghuang/computer/bookreview.html). It took me many hours to create it but please point out errors in it.

10 of 10 people found the following review helpful:

1.0 out of 5 stars useless; try the O'reilly LDAP System Administration, June 22, 2006

By 

JR "John" (California USA) - See all my reviews

This review is from: Deploying OpenLDAP (Paperback)

check out page 67 of the book for a basic reason why this book is useless:
an entire page of a ftp session downloading openldap. huh? How is this helpful? getting the right version of BerkeleyDB and installing it, or installing and configuring OpenSSL would have been far more helpful to me.
This is another book composed mostly of cut 'n paste from the man pages, header files and varous scripts you can find with google.
Discussion on basic topics such as replication skips over key steps, examples for many issues are not provided or are hidden in the book. I use LDAP at work and I used the O'Reilly book to instal, configure and use OpenLDAP. I have yet to find a question that Deploying OpenLDAP can answer that I can't get faster with google.

5 of 5 people found the following review helpful:

5.0 out of 5 stars Great reference on LDAP deployment, November 2, 2004

By 

George Neumann "George" (San Francisco, CA) - See all my reviews

This review is from: Deploying OpenLDAP (Paperback)

This is a great overview that covers all the necessary components of an LDAP deployment, whether you use OpenLDAP or any other implementation. Tom Jackiewicz covers everything from the management decisions necessary before you start your deployment, to the schema, directory information tree, and then goes on to more details topics on the installation and API. This is a fast paced book and covers in just a few pages what other books fill with useless garbage and repetition.