34.1 LDAP versus NIS
The Unix system administrator traditionally uses the NIS service for name
resolution and data distribution in a network. The configuration data
contained in the files in /etc and the directories group, hosts, mail,
netgroup, networks, passwd, printcap, protocols, rpc, and services are
distributed by clients all over the network. These files can be maintained
without major effort because they are simple text files. The handling of
larger amounts of data, however, becomes increasingly difficult due to
nonexistent structuring. NIS is only designed for Unix platforms. This means
it is not suitable as a centralized data administration tool in
heterogeneous networks.
Unlike NIS, the LDAP service is not restricted to pure Unix networks.
Windows servers (from 2000) support LDAP as a directory service. Application
tasks mentioned above are additionally supported in non-Unix systems.
The LDAP principle can be applied to any data structure that should be
centrally administered. A few application examples are:
- Use as a replacement for the NIS service
- Mail routing (postfix, sendmail)
- Address books for mail clients, like Mozilla, Evolution, and Outlook
- Administration of zone descriptions for a BIND9 name server
- User authentication with Samba in heterogeneous networks
This list can be extended because LDAP is extensible, unlike NIS. The
clearly-defined hierarchical structure of the data eases the administration
of large amounts of data, because it can be searched more easily.
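
To illustrate the step from a flat NIS map to hierarchical directory entries, the following added example (not part of the original documentation) converts passwd lines into LDIF. It assumes the RFC 2307 posixAccount schema, a hypothetical base DN dc=example,dc=com with an ou=people container, and a constructed sample map.

```python
import base64

# Constructed sample of an NIS passwd map (not data from the original page).
SAMPLE_PASSWD = """\
# accounts
tux:x:1000:100:Tux Penguin:/home/tux:/bin/bash
geeko:x:1001:100:Jörg Geeko, Room 7:/home/geeko:/bin/sh
+::::::
broken:x:notanumber:100::/home/broken:/bin/sh
"""

def ldif_attr(name, value):
    """One LDIF line; values that are not a SAFE-STRING (RFC 2849) go out as base64."""
    safe = (value.isascii() and value[:1] not in (" ", ":", "<")
            and not value.endswith(" ")
            and not any(c in value for c in "\r\n\0"))
    if safe:
        return f"{name}: {value}"
    return f"{name}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"

def escape_rdn(value):
    """Escape RFC 4514 special characters and a leading '#' or space."""
    out = "".join("\\" + c if c in ',+"\\<>;=' else c for c in value)
    return "\\" + out if out[:1] in ("#", " ") else out

def is_id(field):
    return field.isascii() and field.isdigit()

def passwd_to_ldif(text, base_dn="dc=example,dc=com"):
    """Return (ldif, skipped): one posixAccount entry per valid passwd line."""
    entries, skipped = [], []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        f = line.split(":")
        # '+'/'-' lines are NIS compat markers, not accounts; name and home must
        # be present (posixAccount requires them) and both IDs must be numeric.
        if len(f) != 7 or line[0] in "+-" or not (f[0] and f[5] and is_id(f[2]) and is_id(f[3])):
            skipped.append(line)
            continue
        name, _pw, uid, gid, gecos, home, shell = f
        attrs = [("dn", f"uid={escape_rdn(name)},ou=people,{base_dn}"),
                 ("objectClass", "account"), ("objectClass", "posixAccount"),
                 ("uid", name), ("cn", gecos.split(",")[0] or name),
                 ("uidNumber", uid), ("gidNumber", gid),
                 ("homeDirectory", home), ("loginShell", shell)]
        # The password field (_pw) is deliberately not copied into the directory.
        entries.append("\n".join(ldif_attr(k, v) for k, v in attrs if v))
    return "\n\n".join(entries) + "\n", skipped
```

Lines returned in the skipped list need manual review before the NIS map is retired.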