On 19/04/2016 12:20, Emmanuel Lécharny wrote:
Le 19/04/16 10:47, Achilleas Mantzios a écrit :
Hello,
I have been testing sporadically openldap two years now, including many advanced features, sql, ppolicy, etc we are currently evaluating openldap along with redhat's 389 for enterprise use as RBAC, on which we will built upon our existing infrastructure. We want to have full password policy enabled, in order to meet requirements for passing SOX (Sarbanes Oxley) compliance. 389's documentation is lousy, I haven't tried anything exotic (sql, etc) with it, the reason we are looking at it is because it is favored by kolab.org and likely to come as standard in future kolab versions. So I would like your opinion on this. Pros/Cons to choose openldap or 389 directory server as our long term strategic decision?
If you are interested in RBAC, know that there is a Java API that implements RBAC at http://directory.apache.org/fortress/ (1.0.0 have just been released last week). It works with OpenLDAP as a backend (and some other LDAP server too).
Hi I had talked with a SYMAS person some years ago regarding fortress, this is also hosted by openldap : http://www.openldap.org/fortress/ So who manages fortress? By the test we had done with openldap it seemed that marginally we could meet our password policy requirements.
Regarding OpenLDAP, obviously, this list is clearly biased. Now, let's see what you can find on the Internet :
http://www.slideshare.net/ldapcon/benchmarks-on-ldap-directories
Thanx!