It is interesting to see how a thread on how identity provisioning tools and their lack of true interoperability with Active Directory gets twisted into a discussion on the merits of OpenLDAP. What is interesting is that the comparison is solely technical and doesn't provide any rationale related to how much it would cost to maintain OpenLDAP vs ADAM[?].
You will also notice mention of one and only one Fortune enterprise that uses it as their primary directory service. Of course, the mentioned company is in the consulting business so this isn't surprising. Maybe the mention of a bank or retailer in the Fortune ranks is in order. I suspect the economics nor the customer base simply aren't their...
Consider for a moment, how many Fortune enterprises have Active Directory in a production environment. Out of the Fortune 500, Sun is the only hold out. You would think that if Active Directory were so pervasively implemented that software vendors would want to deeply integrate with it, but nothing could be further from the truth.
I would disagree. OpenLDAP is right up there, in fact most enterprises don't use AD[?] for true Directory requirements. Speak to Suretec and Symas for more information.
I recently tested Isode's M-Vault 14. For the most part there were no surprises, we were 5-6 times faster on the 1M entry DB. Load times were comparable, with OpenLDAP at around 3 minutes (as before) and Isode at around 4 minutes. While OpenLDAP delivered over 29,000 auths/sec using 8 cores, Isode delivered only 4600 auths/sec. (And there's still the interesting result that OpenLDAP delivered almost 31,000/sec using only 7 cores, leaving one core reserved for the ethernet driver.)
I just do OpenLDAP. We've benchmarked it on Itaniums at Intel's request in the past. This is just another benchmark for us, and my only motivation is to see my code run as fast as possible on a given platform.
I should point out that all of the code used in my tests is freely available to anyone, and the machine configurations were all provided as well. Anybody can set up the same environments and duplicate the results I obtained. As with all of our previous tests, all of our data and software configs are available for download to anybody who wants them. As much as possible of the software was identical across all machines, at least at the source code level. Yet another nice thing about working with open source -- you can't hide. If we rigged the results, any third party could easily expose whatever trickery.
In hindsight, I probably should have also benchmarked the Intel binary on the AMD machine and vice versa, to see how much impact the compiler options had. I may give that a try later. We also have a Sun 5120 due to arrive in a week or two (Niagara 2 system), which will be interesting.
Welcome to the seventh issue of OpenLDAP Weekly News (OWN), the unofficial weekly newsletter for the OpenLDAP community.
This will be released every Sunday (or thereabouts), covering the latest goings on in and around the OpenLDAP community.
Summary:
- OpenLDAP 2.4.7 Released
- OpenLDAP 2.3.40 Released
- New Mailing List
- Update on Build Farm
- Contributions
- OpenLDAP Documentation updates
- OpenLDAP Development
- Community Binaries
- Blog LDAP[?] Schema Update
- "If there was an OpenLDAP Cookbook, what recipes would you like to see?"
- Selected user issues and solutions discussed
- LDAP Roundup
Continue reading "OpenLDAP Weekly News Issue 7"
Warning: Use of undefined constant CHARSET_NATIVE - assumed 'CHARSET_NATIVE' (this will throw an Error in a future version of PHP) in /home/suretecsystems/www/blog/serendipity_config.inc.php on line 182