Slashdot Mirror

← Back to Stories (view on slashdot.org)

Red Hat Acquires Netscape Server Products

Posted by michael on from the fire-sale dept.

KrisWithAK writes "According to a press release, Red Hat is acquiring parts of the Netscape Enterprise Suite including the directory server and certificate management system. I am definitely looking forward to more open source competition with OpenLDAP!"

20 of 257 comments (clear)

  1. What';s wrong with OpenLDAP? by tcopeland · · Score: 4, Informative

    I've used it to replace some Netscape stuff - it was part of a big Weblogic->Oracle->Solaris EJB app.

    OpenLDAP seemed to work fine, although maybe it was because we weren't really loading it up too much...

    --
    The Army reading list
    1. Re:What';s wrong with OpenLDAP? by KrisWithAK · · Score: 4, Informative

      It simply depends on the project for which you are using a LDAP server. A project that I am interested in starting would require dyanmic changes to schema as well as security. At least for dynamic security changes, this is implemented in the Netscape directory I believe. On the other hand, you can check out Apple's Open Directory project that has patches for OpenLDAP.

    2. Re:What';s wrong with OpenLDAP? by Penis_Envy · · Score: 4, Informative

      Amen. I have nothing against openldap, and have used it in the past, but the sheer ease of managing iPlanet/Netscape/Sun's DS is wonderful. Dynamic schema updates, dynamic aci updates, dynamic anything. All server configuration can be managed through LDAP. Great stuff.

  2. Ease of LDAP. by Anonymous Coward · · Score: 5, Insightful

    "I am definitely looking forward to more open source competition with OpenLDAP!"

    I'm looking more for an LDAP that's easy to setup and run.

    1. Re:Ease of LDAP. by LnxAddct · · Score: 5, Informative

      Then this is definitly for you. Red Hat, as with all things, will open source this. A lot of people say bad things about Red Hat, but they do alot for the community, they just don't try to take the spotlight. I mean how cool is their patent policy? Any patent they get ( which is always for defensive purposes) can be used by any free software project without worries.
      Regards,
      Steve

    2. Re:Ease of LDAP. by Trolling4Dollars · · Score: 4, Informative

      You said that wrong. Let me help:

      I, for one, welcome our new LDAP overlords!

      With that said, let me also say that I've been working with Sun's iPlanet Directory server since they acquired it from Netscape. It's used for our iPlanet mail suite. In a word, it sucks ass. The intial migration from Netscape Directory server 3.x to iPlanet's directory server was a nightmare. The documentation on the schema layout for mail was non-existent. (Still is as far as I know) There were no migration tools. I just had to dump the Netscape Directory server data to a huge text file. iPlanet support then told me to go through this file by hand and edit or remove any of the lines that didn't apply or had the wrong format. !!!! WTF!? I spent months of late nights pushing the file back and forth between OpenVMS and Solaris just so my boss could use DCL and EDT to make most of the changes needed. The migration actually took me about a year and a half and there is still detritus floating around the LDAP directory. I now have a better understanding of the user account portion of iPlanet's schema, but no thanks to Sun. iPlanet sucks. I can only hope that Redhat will do a better job with what they've acquired.

      One last bit to my rant:
      Sun STILL has portions of the old Netscape administration tools in the iPlanet suite. This wouldn't be a problem except for the fact that they still kind of work. Enough to damage LDAP data. According to their support they told me to NOT use those tools. THEN WHY THE HELL ARE THEY STILL INCLUDED!!!!??? Crap. Pure crap.

      --
      Un-news
  3. AOL already uses it..... by ARRRLovin · · Score: 4, Interesting

    ....it must be good!

    I hope they can advance enough to make some real competition for Microsoft Active Directory. I know a huge reason Windows shops never consider an alternative is because the AD GPO allows for some very granular management of AD resources.

    --
    -Randy
  4. Re:Looks like a good fit. by Plake · · Score: 5, Informative

    Developers from Netscape started LDAP. From the looks of the Directory Server it does.

    Here's the feature guide for Directory Server 6.21.

    --
    Check out Mon and Mon.cgi
  5. Increasing Power of Red Hat by ZSmitty · · Score: 5, Insightful

    Just two years ago AOL was looking to aquire Red Hat. http://slashdot.org/articles/02/01/19/041215.shtml It's amazing how things have changed. Where AOL once wanted Red Hat to be another Netscape for them, Red Hat is now purchasing parts of Netscape from AOL. Personally, I think its great.

  6. Please tell me about Netscape LDAP server ACL by Etyenne · · Score: 4, Interesting

    In the past, RedHat have been open-sourcing pretty much every applications they acquired AFAIK (see Sistina GFS, for example). Thus, I am pretty confident we will soon have a second Open-Source LDAP server from this deal. There is no garatee, but I am looking forward to it.

    For those who are familiar with Netscape LDAP server, could you teach me a bit about its ACL management capability ? OpenLDAP, in this regard, is pathetic. The ACL have to be written in some kind of filter language *inside* the config file, which need a restart/reload to take effect. It is very error-prone and basically the part of OpenLDAP that give me the most troubles. How is Netscape in this regard ? Can you define by-object ACL ? How are they stored ? How do you manage them ?

    Thanks for you insights !

    --
    :wq
    1. Re:Please tell me about Netscape LDAP server ACL by Penis_Envy · · Score: 4, Informative

      ACL's in iPlanet/Netscape/Sun's DS are wonderful. ACL's can be held in any entry, and take effect immediately. All you have to do is request the aci attribute (assuming you have priveledges) to see the rules. Acl's go so far as to be dynamic, too, taking into account the binding user's DN, being able to create masks, etc.. There are some wonderful features that I hope make it into openLDAP, or heck, if they just open the source of Netscape DS, that'd be incredible.

  7. Re:Looks like a good fit. by Penis_Envy · · Score: 4, Informative

    1. Netscape DS compares very favorably. It has multi-master replication, and its performance is far above that of openLDAP. OpenLDAP is opensource, though, and very flexible. Netscape has to be paid for, and it's (if I recall) per-seat licensing. Sun's DS is per-entry licensing. Sun's DS and Netscape's DS are very similar, being forks of iPlanet's DS.

    2. Yes, sort of. Some forms of replication can work, and both are standard ldap servers. As far as I know (I haven't used openldap for a bit) openldap cannot understand Netscape/iPlanet/Sun Directory server's new replication.

  8. Re:Does OpenLDAP even work? by Etyenne · · Score: 4, Insightful

    It work fine. Use the package for your distribution, don't try to compile it yourself if you are unsure about what to do. The man page seem to reflect the current command-line options, I don't see much problem here.

    LDAP in general and OpenLDAP in particuliar is a complex subject. The initial learning curve is pretty steep. Good luck with it.

    --
    :wq
  9. Re:Does OpenLDAP even work? by gunnk · · Score: 4, Informative

    I can respond to that with an enthusiastic YES, it does work.

    We use it to authenticate our email and calendar users (from two different servers). I'm migrating us off our OLD Netware servers (damn lean budget years!) to Samba and am setting Samba to authenticate against it as well, finally giving our users a single userid and password for all our services.

    OpenLDAP is lightweight (size and CPU-wise), robust, and reliable. It's also really easy to set up if you use the version included with your distribution. You can also replicate the server to give yourself good fault-tolerance on another piece of hardware.

    RedHat has good online documentation on their website in the RHEL Reference Guide that should help explain things to you a bit.

    --
    Life is short: void the warranty.
  10. Re:are they gonna open source it? by LnxAddct · · Score: 5, Interesting

    Everything Red Hat has, does, or buys becomes open source. This is equally true for their patents (which are aquired for defensive reasons). Here is their patent policy. In short, it states that any patents they hold may be used by any free software project without fear of any infringement.
    Regards,
    Steve

  11. The significance of this... by Pivot · · Score: 4, Interesting

    is that now the best LDAP server in the marketplace in terms of functionality (4 way clustering, complete in-tree ACL support, enterprise level scalability) now becomes available as open source. The iplanet offering comes with a per entry licensing fee of about $1 (less if you need more than one million entries). Our company actually went out and bought Sun servers to avoid this, since Solaris includes a decent number of entry licenses per server. Now we can deploy on linux servers instead without the licensing hassle. Another nail in the Sun coffin...

  12. Re:That's still around? by LnxAddct · · Score: 5, Interesting

    If you've ever had to use openLDAP then you will never be happier once RH releases this. The features are limitless, but two things off the top of my head are that it has a significant improvement as far as speed and system resources go, and also it has good, advanced replication. It's easy to use and just an all around good architecture. Try it out when its released, it will speak for itself. Personally, I'm more interested in the Certificate Server.
    Regards,
    Steve

  13. A smart move by IGnatius+T+Foobar · · Score: 4, Interesting

    This is a smart move on Red Hat's part. It's clear to them that in order to remain competitive in the enterprise space, they have to have a "middleware stack" (as the industry has been calling it). Sun has SunOne/N1, Microsoft has ADS, and of course Novell has NDS/eDirectory which is soon to be a major Linux product. It would have quickly become a big gap in Red Hat's offering.

    By acquiring this software, Red Hat immediately improves the value proposition of their platform. By open sourcing it, the software can quickly gain mindshare and installed base. Imagine what would have happened if Novell had done this in, say, 1999. There'd be NDS everywhere, and Active Directory wouldn't have nearly the penetration it does today.

    --
    Tired of FB/Google censorship? Visit UNCENSORED!
  14. Shot across the bow to Novell/SuSE by mosel-saar-ruwer · · Score: 4, Insightful

    I didn't even realize there still was a standalone Netscape offerring. We migrated from Netscape to iPlanet to Sun Web to Sun Java One (or something like that). Anybody out there stick with the Netscape product?

    This is a direct challenge to Novell/SuSE and Novell Directory Services [or eDirectory, or whatever they're calling it this week].

    Red Hat must have realized that they needed a directory offering to compete in the enterprise.

    That gives us four major directory vendors:

    1) Novell/SuSE/Ximian/Novell Directory Services
    2) Microsoft/Active Directory
    3) Sun/Sun One [iPlanet] 4) RedHat/Netscape Directory Server
    PS: Now that the Netscape browser has devolved into Firefox, and the enterprise stuff has been sold to Red Hat, does Netscape still exist as an independent company [other than some "portal" site on the web]?

    PPS: And are there any /. CPAs who'd care to calculate AOL's return on investment from the Netscape purchase?

  15. Re:ldap vs. sql by prowley · · Score: 4, Informative

    Yes a Directory Server is a database. However, whereas a SQL server is a general purpose database engine, an LDAP Directory Server is typically optimized for read speed at the expense of write speed. Other highlights include a hiarchical tree structure to store entries and extensive standard schema for many object types.
    Essentially, LDAP directories fill niche roles, one of which is as an address book server, another is authentication services. In their niche, DS deployments are unequalled (and no, slapping an LDAP protocol interface on a SQL engine doesn't cut it.) One guiding principal is if you have 70/80% reads to 30/20% writes - a directory server may be a better option for your application. There are other considerations, but that is beyond the scope of this blah blah blah...