26.1 LDAP versus NIS
The Unix system administrator traditionally uses the NIS service for name
resolution and data distribution in a network. The configuration data
contained in the files in /etc and the directories group, hosts, mail,
netgroup, networks, passwd, printcap, protocols, rpc, and services is
distributed to clients all over the network. These files can be
maintained without major effort because they are simple text files.
Handling larger amounts of data, however, becomes increasingly difficult
because the data has no structure. NIS is designed only for Unix
platforms, so it is not suitable as a centralized data administration
tool in heterogeneous networks.
Unlike NIS, the LDAP service is not restricted to pure Unix networks.
Windows servers (from 2000) support LDAP as a directory service.
Application tasks mentioned above are additionally supported in non-Unix
systems.
The LDAP principle can be applied to any data structure that should be
centrally administered. A few application examples are:
- Use as a replacement for the NIS service
- Mail routing (postfix, sendmail)
- Address books for mail clients, like Mozilla, Evolution, and Outlook
- Administration of zone descriptions for a BIND9 name server
- User authentication with Samba in heterogeneous networks
This list can be extended because LDAP is extensible, unlike NIS. The
clearly-defined hierarchical structure of the data eases the
administration of large amounts of data, because it can be searched more
easily.
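
To make the NIS replacement case concrete, the following added example (not part of the original documentation) converts flat passwd-format lines, as NIS would distribute them, into RFC 2307 posixAccount entries placed in a directory tree and renders them as LDIF. The base DN, the function names, and the sample accounts are assumptions constructed for illustration; names are assumed to be plain ASCII without DN special characters.

```python
# Added example: flat passwd-style lines (as in an NIS passwd map) turned into
# RFC 2307 posixAccount entries. BASE_DN and the sample lines are constructed.
BASE_DN = "ou=people,dc=example,dc=com"  # assumed directory suffix

SAMPLE_PASSWD = """\
# constructed sample data
tux:x:1000:100:Tux Penguin,Room 1:/home/tux:/bin/bash
geeko:x:1001:100::/home/geeko:/bin/sh
"""

def passwd_to_entries(text, base_dn=BASE_DN):
    """Parse passwd-format text into (dn, attributes) pairs."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        uid, _pw, uid_number, gid_number, gecos, home, shell = fields
        int(uid_number), int(gid_number)  # raises ValueError if not numeric
        attrs = {
            "objectClass": ["account", "posixAccount"],
            "uid": [uid],
            "cn": [gecos.split(",")[0] or uid],  # cn is mandatory in posixAccount
            "uidNumber": [uid_number],
            "gidNumber": [gid_number],
            "homeDirectory": [home],
        }
        if gecos:
            attrs["gecos"] = [gecos]
        if shell:
            attrs["loginShell"] = [shell]
        # The password field (_pw) is deliberately not copied into the entry.
        entries.append((f"uid={uid},{base_dn}", attrs))
    return entries

def to_ldif(entries):
    """Render entries as LDIF text, one blank line between entries."""
    blocks = []
    for dn, attrs in entries:
        lines = [f"dn: {dn}"]
        lines += [f"{k}: {v}" for k, vals in attrs.items() for v in vals]
        blocks.append("\n".join(lines))
    return "\n\n".join(blocks) + "\n"

if __name__ == "__main__":
    print(to_ldif(passwd_to_entries(SAMPLE_PASSWD)))
```

Each account becomes an entry with its own distinguished name below the base DN, so a client can search by subtree and attribute instead of scanning a text file.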