Readers of my Wired Windows column in Network World know that I’m not a big fan of the open source movement – at least as far as commercial-grade software is concerned. For that reason, I haven’t paid much attention to Open Lightweight Directory Access Protocol (LDAP) – (http://nww1.com/go11/0611DSV2A.html), the open source directory service.
Of course, there’s also the fact that OpenLDAP defines itself as “…an open source implementation of the Lightweight Directory Access Protocol.” Last time I looked, LDAP was defined in a series of Internet Engineering Task Force Requests for Comment (IETF RFCs), which is about as “open” (that is, its published for all to use freely) as you can get!
OpenLDAP.org is run by something called the OpenLDAP Foundation, a non-profit organization which is evidently designed to solicit donations for itself. I would like to speak to any of the officers of the foundation but, curiously, they aren’t listed anywhere on the Web that I could find. They appear also to not have telephone numbers, although there is a mailing address (in Redwood Shores, CA – also the home of Oracle. Coincidence?).
Most of the OpenLDAP project is either taken directly from, or derived from on-going work at the University of Michigan (where LDAP originated). The SLAPD (LDAP daemon) and SLURPD (LDAP update daemon) servers are almost direct ports of work from Michigan. There’s nothing wrong with that as it is in the public domain. But there’s little evidence of much new development from the OpenLDAP group.
OpenLDAP did fill a need for an easily obtainable, LDAP-enabled directory service with a low entry price (it’s free – but you had to compile the source code). Shoestring funded start-ups in the directory-enabled applications business could use it for building and testing their software, and even recommend it to clients who didn’t have an installed directory service (or didn’t know they had one). Now that Novell is giving away eDirectory to independent software vendors and Active Directory is included with Windows 2000 servers, those reasons go away.
Since the initial reasons for the OpenLDAP project no longer exist, I’d like to suggest a change. Let’s forget about duplicating commercial efforts to create data repositories and directory services. Instead, let’s focus on creating directory- enabled applications that leverage the installed base of LDAP- enabled directory services. Give users some concrete applications that make use of the authentication, authorization and personalization mechanisms the directory makes available. That would be a public service.
