[Fedora-directory-users] features

Mike Jackson mj at sci.fi
Mon Jun 20 15:36:22 UTC 2005 

Dinil Divakaran wrote:
> 
> Greetings !!

Greetings,

> Before going for Fedora Directory Server, I thought of going through the 
> feature list to see what all additional features
> are supported when compared to OpenLDAP.

The list is long :-)


> Though the feature list and FAQ says about many features
> supported by Fedora Directory Server (like multi-master replication, 
> nested roles, cascading using hubs etc), they


> don't provide information about some common features that
> are supported by OpenLDAP. Some of such features include,
> support for SNMP,

Supported.


> password hashing,

Supported hashes are Crypt, SHA, and Salted SHA.


> support of LDAP search
> filters such as presence, equality, inequality, sub-string, approximate 
> and boolean operators,

This is part of the LDAPv3 standard.



> support for consumer-
> initiated replication,

Fedora DS does not support SyncRepl, if that's what you are asking.


> support for supplier-initiated
> replication,

Supported in single-master and multi-master replication models.


> support for Digital certificates,

Supported for 8 years already.


> support for
> XMLDAP gateway and whether the Directory server support
> XML for integration with external applications. XML and
> XMLDAP are not supported by OpenLDAP too, I believe.

DSML is the standardized markup language for LDAP, and this is supported 
in Fedora DS via the included DSML gateway process (java process).


Fedora DS is a direct and immediate descendant of the Netscape DS, which 
was the first commercial LDAPv2 implementation in the world. Now it's at 
LDAPv3. Netscape invented most of these features, and OpenLDAP project 
started in 1999 to basically try to implement the core server and some 
of these Netscape features.

If you ask me, the only real benefit to using OpenLDAP today is the 
abundance of strange backends, e.g. if you want to make a really special 
purpose LDAP server. You can make a directory out of just about any 
arbitrary data source, etc. Writing backends for Fedora DS is also 
possible, but there aren't too many available at the moment.


Mike

-- 
LDAP Directory Consulting - http://www.netauth.com

More information about the Fedora-directory-users mailing list