Interview: Howard Chu, OpenLDAP chief architect


Howard Chu is the Chief Architect of the OpenLDAP project and its main corporate sponsor Symas Corporation. OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) which provides an enterprise with a shared address books, single sign-on, automount of home directories and file sharing for Linux, Unix, Mac and Windows clients.

Can you tell us a little bit about what you do, the OpenLDAP project, its relationship with Symas?

Well, as Chief Architect for the OpenLDAP Project I occasionally make decisions about what technical features should or should not be integrated into the code. For the most part though, developers in the OpenLDAP community simply work on whatever they choose, whatever scratches their itch.

I wrote my first contribution in 1998 and was invited to join the core team shortly after that. Under Kurt Zeilenga's leadership, most of the early development in OpenLDAP was focused on cleaning up portability issues and implementing LDAPv3.

The more radical evolution of the code since its UMich (University of Michigan) origins has been at my instigation and most of that is my code. I've been working full time on the project since 1999 as a Founder of Symas which has chosen to invest in this technology through funding my participation.

How do you compare OpenLDAP with proprietary directory services technologies like Active Directory or SunOne?

Active Directory is fundamentally flawed in so many areas it barely deserves mention. It is grossly non-compliant with the LDAP specifications, breaking interoperability. And its database design is so broken it can barely get out of its own way.

Our recent assessment of AD and Active Directory Application Mode (ADAM) as LDAP servers and the benchmarks that show it to be 3 to 5 times slower convinced us that enterprise strategies based on that as a production enterprise directory are headed for trouble.

See Symas' enterprise assessment whitepaper of Microsoft Active Directory's Application Mode versus OpenLDAP and the report's

SunOne was, for some years, probably the leading directory technology in the industry. However, the original development teams walked away from the code base years ago and it's showing its age, with numerous well documented stability and maintainability issues.

Today OpenLDAP has a significant lead in performance, scalability, and reliability.
Unfortunately we can't publish benchmark results against SunOne due to a restriction in their end user license.

It's worth noting, however, that SunOne is being replaced by OpenDS, an open source directory project written in Java. The reign of Sun's proprietary directory service is over; SunOne has reached the end of the line.

"Recommended For You"

Open Source News Open Source and Open Standards under Threat in Europe