What, Why, and How

• Brief history of our project
• How we arrived at our choice of replacement
• Our performance requirements
• Hiring Symas

Related pages

• Directory Service page
• Overview of the OpenLDAP project

• QUICK LINKS
  • answers.stanford.edu
  • apple.stanford.edu
  • computing.stanford.edu
  • courses.stanford.edu
  • datarates.stanford.edu
  • dell.stanford.edu
  • departmentphone.stanford.edu
  • email.stanford.edu
  • ess.stanford.edu
  • helpsu.stanford.edu
  • myitserviceshelp.stanford.edu
  • orderithelp.stanford.edu
  • software.stanford.edu
  • studentphone.stanford.edu
  • techtraining.stanford.edu
  • tools.stanford.edu
  • unixcomputing.stanford.edu
  • vpn.stanford.edu
  • web.stanford.edu
  • windows.stanford.edu
• SERVICES
  • IT Services Only
  • All Campus Providers
    → computing.stanford.edu
• GETTING HELP
  • Stanford Answers
  • HelpSU: IT Help Desk
  • Training
• PROJECTS
• ABOUT US
  • What We Do
  • Organization Chart
  • Strategic Plan
  • Jobs
  • Contact info
  • Service & System Metrics
• INTERNAL
• SEARCH

  • Search IT Services:
     

As we prepared to move forward with our project, we drew up a base set of requirements of what we felt (at the time) would be necessary for us to have an operating directory system. Below is the table that was devised to express those requirements. Note that this table has been updated as new information has become available.

Directory Migration: Choice Table

LDAP Server Software Packages

• OpenLDAP - 2.1.23

• SunONE- 5.2

• DirX Server - 6.0

• Intrastore Server 2000

• eTrust Directory - 3.6

• NDS Corporate Edition - 8.7.1

• ADS - Windows 2000 server edition

Comparison Chart

* Aside from an active mailing list, support can be purchased from Symas Corp., Mind NV, or Inter7.
** An example of this search is "cn=quan* mount". This should not match "cn=quantify dismount". Later learned that this is not a valid requirement as it does not meet X.500 standards.

Reviews (when available)

• Intrastore Server 2000

End of Choice Table section

As you can see from the table, there is a lot of information missing for many of the clients. This is due to the fact it is very difficult to get solid, reliable information about the different directory clients from the web pages and/or the brochures provided by the companies. There was also some difficulty getting effective information from the sales staff.

A large part of our decision tree was based off of the use of Kerberos. Stanford uses Kerberos for authentication purposes, and it was an immutable requirement that whatever directory service we went with allowed the use of Kerberos V. Our original thought was to migrate our existing Kerberos IV users of Netscape to OpenLDAP, this plan was later abandoned as the process was not simple for later reasons.

Continue on to our performance requirements