I've only ever gotten in trouble when trying to take pictures using a flash (Tokyo Japan, Washington D.C. museums) because it was so dark. I've never had issues with flashless photography.
The questioner did mention openldap. The advantage of going to the apple solution would be the integration that it would provide, rather than "cobbling" together the solution themselves (as they said themself.) It's not just the GUI. Then again, it would be one more thing to manage/maintain.
From the summary, in the last sentence (you didn't even have to RTFA):
"Tapwave employees were showing Zodiacs running their own port of Linux 2.6.10, with ports of SDL, Python, PyGame, mpg123, and primitive power management. It is unknown what will become of this work."
I believe that is the code to which they were referring.
Debian "just works" for servers. For desktops, it's a bit of a nightmare to set up and get right. Especially for Laptops, where hardware needs newer kernels and more cutting-edge drivers. Ubuntu definitely has that dead-on. It's the FIRST distribution I have not had to recompile the kernel on in order to get everything to work right.
I would almost picture "Ubuntu" as the proposed "Debian Desktop" that was discussed a while back. Ubuntu has up-to-date software on a time-based schedule, whereas Debian proper is more... liesurely and secure.
Yup, have to agree here. I do believe OpenLDAP is getting this soon though. I think its in the latest betas.
Well, it's going to be a moot point as soon as redhat releases the Netscape Directory server source that they bought. They've had a few patches over the years, but nothing that made it into a release.
I'm sorry I can't give you anything better than colloquial evidence, but I do run a 700,000 email a day system and every mail coming in is one to three LDAP lookups. The CPU load on my load balanced OpenLDAP servers is never more than 0.01 load average. The machines are 2.8Ghz 2GB memory IBM 306's. I think performance has less to do with what directory product you use, rather how fast your hardware is. Considering that licenses for a commercial directory server probably equals an extra server, I'd rather have that extra server;) It would be really nice for someone to do benchmarks though.
I would say that system load does not necessarily equate performance. I agree it's lightweight, but it does not respond as quickly as the commercial products. Unfortunately, the only benchmarking document I could find is from 2001, which is rather outdated, and OpenLDAP has come a ways since then.
I would disagree that faster hardware == faster directory. To a point, that is true, but when you get into larger Directories and higher utilization of the Directory, the software has a huge impact. Granted, anything on a 486 with 16mb RAM is going to be slow.
For the record, (700,000 * 3) = 2.1m queries/day. It's a decent load, but it also depends on what kind of queries are being performed and how many entries there are, etc... Just listing how many queries isn't very telling of performance.
I'm always caught between two opposing viewpoints when I think about the "benefits" of vendor support. If its a company like Oracle or Sun, then I think there is validity to what you say. But, for smaller products, or smaller vendors, "vendor support" can be a two edged sword. I've been left wishing I could send an email to a public mailing list to ask what the hell was going wrong with a proprietary system and knowing it was impossible. With products like OpenLDAP, you generally post, and one of the developers answer. How does that compare with Oracle? You usually have to climb through 15 levels of beuracracy before you can talk to an actual developer!
Agreed. It's irritating digging through sun support at times, and binary patches are irritating as well. Yet another reason why I am waiting for RedHat to release their purchased Netscape DS. It's the best of both worlds. Can't wait!
Understanding and Deploying LDAP Directory services: http://www.amazon.com/exec/obidos/tg/de tail/-/0672 323168/qid=1110838872/sr=8-1/ref=sr_8_xs_ap_i1_xgl 14/002-0439029-3995207?v=glance&s=books&n=507846 A good book.
1a.) Multi-master replication. Something very handy to have when you're looking at high-availability environments.
1b.) Speed. OpenLDAP can be tuned quite nicely, but doesn't match the performance of the commercial app's. If someone has anything contrary to this, I'd love to hear it.
1c.) Supportability. Having a vendor to yell at when it all falls down in pieces is rather handy.
I am waiting with baited breath for Redhat's release of the Netscape Directory server 6 code. That would solve these three problems. For smaller or simpler applications, openldap does wonderfully. It's not until you hit the higher end that you start "needing" the commercial app's.
I'm not sure what you meant by "or Enterprise Linux"... Are you referring to the frequent requirement of the commercial apps that you be using the enterprise distributions? If that's what you're referring to, it's probably because those distributions are rather stable targets for support, having a much slower development and release cycle.
How would a flatter DIT alter replication significantly? At the very least, it would be easier to manage with fewer replication agreements. Would you be referring to catching up to the changes? That problem would exist no matter what, given a certain number of entries or number of changes.
I'd be interested in hearing your experience, as I've been on deployments with hundreds of thousands of users under an OU. Most directory structures are going for a flatter design (per resource type), using attributes to define location.
At the ISPs that I've dealt with, they have many hundreds of thousands of users under ou=people. There's simply no logical way of breaking it up beyond what mail store the users are on. Anything beyond that would be adding unnecessary complexity. What Directory products have you dealth with that have subdivided OUs so? If anything, you would like a shallower Directory, rather than a deeper one.
I believe their argument is that it is not an emulator, but rather a compatibility layer. It allows win32 based applications to run on linux/unix, making win32 just another windowing toolkit. If you think of it, when it says it's "win95", it's simply advertising a level of features to applications running on it, just as gtk libraries would say they're a certain version, and that they support certain features.
It could go even further, because the windows versions (2k/xp) have versions other than their PR names (NT 4/5/6, etc.) showing that they are revisions of the same product, supporting the idea of "emulating win95/2k" as advertising support for specific features.
Are the gtk libraries/environment an emulator? (This would be the point of view.)
I have to say that I was not very impressed with opengroupware. It is very big and bulky. I was very impressed with at how easily I compiled and installed Hula. One of the goals (it seems) with Hula is to add the iCalendar/groupdav/webdav whatever portion.
They both have their place, but I like the idea of a more lightweight solution, as all I really desire is calendar, mail, and contacts. There are other products that can fill the collaborative work function.
Well, there seems to be a fair amount of discussion about ditching outlook and going to thunderbird/sunbird or waiting for evolution on win32. These clients would use open standards rather than microsoft's proprietary protocols. Is there any particular reason why you wish to have outlook connectivity?
I think the sunbird/thunderbird combination could work quite well. Outlook has a history of horrible security flaws, which should help in convincing companies into using alternative clients.
If someone really wants maildir support, they can add it, or have it added.
Yes, yes it is.:) It also has a pretty interesting architecture of "agents". I'm wondering if an agent could be written to deliver to Maildirs instead of mboxes.
Now, if they would just add a connector that allows the storage of mail in an SQL database...
I don't understand the desire for DB-backed mailstores. Indexed files work just as well, without the added complexity.
I remember an exchange admin asking me (in relation to iPlanet mail server): "how long does it take to restore the database?" That, in a nutshell, is what I think of db-backed mailstores. Adding complexity with little benefit. I checked out dbmail a while ago, but was amazed at all the problems that project has with very basic functionality. Just a bit ago (the date says 2004-01-12, I'm assuming it's 2005-01-12):
"2.0.2 Had a tendency to die when authenticating using POP3 or IMAP. Please don't use 2.0.2 and upgrade to 2.0.3."
Please, tell me what you like about it. It's an interesting and worthwile project, I just fail to see the benefit (other than single store of messages, but I'm sure something could be worked out with plain file setups as well.)
The features they list don't seem that extravagant. Most file-based setups use lightweight index files of some sort to prevent excessive searching.
I would disagree that it is completely irrelevant. Locking is a pretty big issue, and mboxes are prone to corruption (especially when they grow to any substantial size) and make life hell for NFS/AFS/Coda home directories. I'm not sure what you mean by "private use" and how that relates.
Overall, a solution like maildir is a lot more flexible. The only disadvantages that maildir has would be slightly more complex set up (but then again, you don't have to worry about locking) and additional time for backing up. I've been very happy with maildir, and haven't had (knock on wood) any corruption issues.
It uses mbox. VERY disappointing. Hopefully there is/will be some sort of plugin structure to get it to support Maildir (without having to use an alternate IMAP store) or a more robust storage format.
The two are not mutually exclusive. Many vendors do this (open-sourcing a product and selling it commercially.)
The key is that people want support when they get a product. This way, Novell can capitalize on the development of the product, then sell it to people and support it. It makes sense, really.
And yes, it looks like an Exchange replacement, as it has integrated mail and calendaring. That's basically why people go to exchange. Add in tasks, contacts, and a few other things, and that's Exchange in a nutshell.
DSL does not require a "phone line." If you look at speakeasy, you'll see "onelink" which does not require phone service. Yes, it requires the POTS copper loop, but not the phone service. I think it costs something like $5 more than getting DSL added to a phone line (for renting the loop from the telco.)
I think you're missing the point. I'm not arguing that they didn't have the right to ask the people to leave, I'm stating two things:
1.) They WERE, in fact, invited. You didn't address that portion of my comment, which kind of backs up my troll allegations.
2.) They did not misbehave in any way (from reading the article at least) and did not have any "stop the lying warmonger from killing more people" T-Shirts, but instead had shirts that only said "protect our civil liberties".
You have changed the argument from "why would they object to such a shirt" to "they had a right to do so." Of course they did. I'm not saying they didn't. What I'm saying is that usually that right is reserved for agreessive actions (shouting out, throwing something, etc.)
And as far as protesting in the streets is concerned, I consider it to be the lowest form of protesting. Holding signs and yelling at the president is quite possibly the least effective means of getting your point made. Yes, I still support it as legal, but such situations are often dangerous, and rarely lead to any good...
I would be curious to hear how you think people would better protest. How else should they be heard?
I'm curious, exactly what anti-speech actions are you talking about?
He's probably referring to the premature and/or mass arrests of protesters taking advantage of "the lowest form of protesting" (your words.) I think he may be talking about protesters (again, practicing "the lowest form") being cordoned off into a "free speech zone" blocks away from events.
Just google for "Bush" and "freedom of speech". Please make note of the quotes. You will get ironically different results without them.
Slashdot Mirror
I've only ever gotten in trouble when trying to take pictures using a flash (Tokyo Japan, Washington D.C. museums) because it was so dark. I've never had issues with flashless photography.
I think the moderator(s) missed the joke.
Parent post was making a joke on "polish" the language, not "polish" like shiny brass.
The questioner did mention openldap. The advantage of going to the apple solution would be the integration that it would provide, rather than "cobbling" together the solution themselves (as they said themself.) It's not just the GUI. Then again, it would be one more thing to manage/maintain.
Palm is already working on porting PalmOS to Linux anyway, so it's kind of a moot point:
http://www.engadget.com/entry/1234000610023038/
I believe that is the code to which they were referring.
Debian "just works" for servers. For desktops, it's a bit of a nightmare to set up and get right. Especially for Laptops, where hardware needs newer kernels and more cutting-edge drivers. Ubuntu definitely has that dead-on. It's the FIRST distribution I have not had to recompile the kernel on in order to get everything to work right.
I would almost picture "Ubuntu" as the proposed "Debian Desktop" that was discussed a while back. Ubuntu has up-to-date software on a time-based schedule, whereas Debian proper is more... liesurely and secure.
Yup, have to agree here. I do believe OpenLDAP is getting this soon though. I think its in the latest betas.
Well, it's going to be a moot point as soon as redhat releases the Netscape Directory server source that they bought. They've had a few patches over the years, but nothing that made it into a release.
I'm sorry I can't give you anything better than colloquial evidence, but I do run a 700,000 email a day system and every mail coming in is one to three LDAP lookups. The CPU load on my load balanced OpenLDAP servers is never more than 0.01 load average. The machines are 2.8Ghz 2GB memory IBM 306's. I think performance has less to do with what directory product you use, rather how fast your hardware is. Considering that licenses for a commercial directory server probably equals an extra server, I'd rather have that extra server
I would say that system load does not necessarily equate performance. I agree it's lightweight, but it does not respond as quickly as the commercial products. Unfortunately, the only benchmarking document I could find is from 2001, which is rather outdated, and OpenLDAP has come a ways since then.
I would disagree that faster hardware == faster directory. To a point, that is true, but when you get into larger Directories and higher utilization of the Directory, the software has a huge impact. Granted, anything on a 486 with 16mb RAM is going to be slow.
For the record, (700,000 * 3) = 2.1m queries/day. It's a decent load, but it also depends on what kind of queries are being performed and how many entries there are, etc... Just listing how many queries isn't very telling of performance.
I'm always caught between two opposing viewpoints when I think about the "benefits" of vendor support. If its a company like Oracle or Sun, then I think there is validity to what you say. But, for smaller products, or smaller vendors, "vendor support" can be a two edged sword. I've been left wishing I could send an email to a public mailing list to ask what the hell was going wrong with a proprietary system and knowing it was impossible. With products like OpenLDAP, you generally post, and one of the developers answer. How does that compare with Oracle? You usually have to climb through 15 levels of beuracracy before you can talk to an actual developer!
Agreed. It's irritating digging through sun support at times, and binary patches are irritating as well. Yet another reason why I am waiting for RedHat to release their purchased Netscape DS. It's the best of both worlds. Can't wait!
Fixed link:
2 323168/qid=1110838872/sr=8-1/ref=sr_8_xs_ap_i1_xgl 14/002-0439029-3995207?v=glance&s=books&n=507846
For the record, this is a general LDAP book, not specific to OpenLDAP.
http://www.amazon.com/exec/obidos/tg/detail/-/067
obligatory link to a book on amazon:
e tail/-/0672 323168/qid=1110838872/sr=8-1/ref=sr_8_xs_ap_i1_xgl 14/002-0439029-3995207?v=glance&s=books&n=507846
Understanding and Deploying LDAP Directory services:
http://www.amazon.com/exec/obidos/tg/d
A good book.
Reasons for problem #1:
1a.) Multi-master replication. Something very handy to have when you're looking at high-availability environments.
1b.) Speed. OpenLDAP can be tuned quite nicely, but doesn't match the performance of the commercial app's. If someone has anything contrary to this, I'd love to hear it.
1c.) Supportability. Having a vendor to yell at when it all falls down in pieces is rather handy.
I am waiting with baited breath for Redhat's release of the Netscape Directory server 6 code. That would solve these three problems. For smaller or simpler applications, openldap does wonderfully. It's not until you hit the higher end that you start "needing" the commercial app's.
I'm not sure what you meant by "or Enterprise Linux"... Are you referring to the frequent requirement of the commercial apps that you be using the enterprise distributions? If that's what you're referring to, it's probably because those distributions are rather stable targets for support, having a much slower development and release cycle.
How would a flatter DIT alter replication significantly? At the very least, it would be easier to manage with fewer replication agreements. Would you be referring to catching up to the changes? That problem would exist no matter what, given a certain number of entries or number of changes.
I'd be interested in hearing your experience, as I've been on deployments with hundreds of thousands of users under an OU. Most directory structures are going for a flatter design (per resource type), using attributes to define location.
At the ISPs that I've dealt with, they have many hundreds of thousands of users under ou=people. There's simply no logical way of breaking it up beyond what mail store the users are on. Anything beyond that would be adding unnecessary complexity. What Directory products have you dealth with that have subdivided OUs so? If anything, you would like a shallower Directory, rather than a deeper one.
Of course it's not Unix, just look at the name. :)
I believe their argument is that it is not an emulator, but rather a compatibility layer. It allows win32 based applications to run on linux/unix, making win32 just another windowing toolkit. If you think of it, when it says it's "win95", it's simply advertising a level of features to applications running on it, just as gtk libraries would say they're a certain version, and that they support certain features.
It could go even further, because the windows versions (2k/xp) have versions other than their PR names (NT 4/5/6, etc.) showing that they are revisions of the same product, supporting the idea of "emulating win95/2k" as advertising support for specific features.
Are the gtk libraries/environment an emulator? (This would be the point of view.)
What are your thoghts on kicking outlook to the curb and using thunderbird/sunbird?
I have to say that I was not very impressed with opengroupware. It is very big and bulky. I was very impressed with at how easily I compiled and installed Hula. One of the goals (it seems) with Hula is to add the iCalendar/groupdav/webdav whatever portion.
They both have their place, but I like the idea of a more lightweight solution, as all I really desire is calendar, mail, and contacts. There are other products that can fill the collaborative work function.
Well, there seems to be a fair amount of discussion about ditching outlook and going to thunderbird/sunbird or waiting for evolution on win32. These clients would use open standards rather than microsoft's proprietary protocols. Is there any particular reason why you wish to have outlook connectivity?
I think the sunbird/thunderbird combination could work quite well. Outlook has a history of horrible security flaws, which should help in convincing companies into using alternative clients.
Yes, yes it is.
I don't understand the desire for DB-backed mailstores. Indexed files work just as well, without the added complexity.
I remember an exchange admin asking me (in relation to iPlanet mail server): "how long does it take to restore the database?" That, in a nutshell, is what I think of db-backed mailstores. Adding complexity with little benefit. I checked out dbmail a while ago, but was amazed at all the problems that project has with very basic functionality. Just a bit ago (the date says 2004-01-12, I'm assuming it's 2005-01-12):
"2.0.2 Had a tendency to die when authenticating using POP3 or IMAP. Please don't use 2.0.2 and upgrade to 2.0.3."
Please, tell me what you like about it. It's an interesting and worthwile project, I just fail to see the benefit (other than single store of messages, but I'm sure something could be worked out with plain file setups as well.)
The features they list don't seem that extravagant. Most file-based setups use lightweight index files of some sort to prevent excessive searching.
I would disagree that it is completely irrelevant. Locking is a pretty big issue, and mboxes are prone to corruption (especially when they grow to any substantial size) and make life hell for NFS/AFS/Coda home directories. I'm not sure what you mean by "private use" and how that relates.
Overall, a solution like maildir is a lot more flexible. The only disadvantages that maildir has would be slightly more complex set up (but then again, you don't have to worry about locking) and additional time for backing up. I've been very happy with maildir, and haven't had (knock on wood) any corruption issues.
gratuitous URL: http://www.qmail.org/man/man5/maildir.html
Replying to myself:
e _Structure
http://www.hula-project.org/index.php/Mailbox_Fil
It uses mbox. VERY disappointing. Hopefully there is/will be some sort of plugin structure to get it to support Maildir (without having to use an alternate IMAP store) or a more robust storage format.
What sort of user store do the default MTA and POP/IMAP services use? What store does it use for storing calendar objects and entries?
The two are not mutually exclusive. Many vendors do this (open-sourcing a product and selling it commercially.)
The key is that people want support when they get a product. This way, Novell can capitalize on the development of the product, then sell it to people and support it. It makes sense, really.
And yes, it looks like an Exchange replacement, as it has integrated mail and calendaring. That's basically why people go to exchange. Add in tasks, contacts, and a few other things, and that's Exchange in a nutshell.
DSL does not require a "phone line." If you look at speakeasy, you'll see "onelink" which does not require phone service. Yes, it requires the POTS copper loop, but not the phone service. I think it costs something like $5 more than getting DSL added to a phone line (for renting the loop from the telco.)
I think you're missing the point. I'm not arguing that they didn't have the right to ask the people to leave, I'm stating two things:
1.) They WERE, in fact, invited. You didn't address that portion of my comment, which kind of backs up my troll allegations.
2.) They did not misbehave in any way (from reading the article at least) and did not have any "stop the lying warmonger from killing more people" T-Shirts, but instead had shirts that only said "protect our civil liberties".
You have changed the argument from "why would they object to such a shirt" to "they had a right to do so." Of course they did. I'm not saying they didn't. What I'm saying is that usually that right is reserved for agreessive actions (shouting out, throwing something, etc.)
I think it'd be interesting to hear ANY candidate talk to protesters.
I'd love to hear what people have against Kerry, if only for my education.
My girlfriend is convinced (violently hopes) that Bush is just a helpless pawn being used.
It would be an amazing thing for him to wake up and do something good (as in, resign from the election), wouldn't it?
I just hope the rest of the world forgives us. Please keep in mind we're trying to get rid of him.
And as far as protesting in the streets is concerned, I consider it to be the lowest form of protesting. Holding signs and yelling at the president is quite possibly the least effective means of getting your point made. Yes, I still support it as legal, but such situations are often dangerous, and rarely lead to any good...
I would be curious to hear how you think people would better protest. How else should they be heard?
I'm curious, exactly what anti-speech actions are you talking about?
He's probably referring to the premature and/or mass arrests of protesters taking advantage of "the lowest form of protesting" (your words.) I think he may be talking about protesters (again, practicing "the lowest form") being cordoned off into a "free speech zone" blocks away from events.
Just google for "Bush" and "freedom of speech". Please make note of the quotes. You will get ironically different results without them.