X-Recipient: archive-cygwin@delorie.com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:mime-version:to:subject
	:references:in-reply-to:content-type:content-transfer-encoding;
	 q=dns; s=default; b=Aq8IRuhfOS65eZPa6qj6G1AhKcabLn+d9Y3llEIDC2+
	oXwtEWe+lZ/Zp3c7BRfER6W1BYLNxO+cw5hXStTaRZPF9yjpcmomL7nShbcxDw6C
	Jkc1SB1pN43XoUj/LWyA9InN3kdg4OMpB2ApT146+rBxEYapdceI/Nm/zJnStWB0
	=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:mime-version:to:subject
	:references:in-reply-to:content-type:content-transfer-encoding;
	 s=default; bh=804B4wUKKtLka/KvgO7Wk2tNGug=; b=xUYr0NmXVcDxpqAEz
	1LRt1EM7z2JACGwIOpoiJoQcp+sFZOhxT/h9hpv1kBpACRZ65IQLbmvKM6SCasw8
	6+g2l4krJKyF840oBLi2EaSaeWQk8/DftSlh2UvdgTUWLBoOh4TgrG1wyr+/AX5T
	HpT2LMJhgeHYDpnx6h1rY/XRfc=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-0.7 required=5.0 tests=AWL,BAYES_50,RP_MATCHES_RCVD autolearn=ham version=3.3.2
X-HELO: etr-usa.com
Message-ID: <52F51744.3090004@etr-usa.com>
Date: Fri, 07 Feb 2014 10:26:28 -0700
From: Warren Young <warren@etr-usa.com>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Andrey Repin <cygwin@cygwin.com>
Subject: Re: get rid of getpwent? (Was: cygwin-1.7.28 getpwent header declaration changes ?)
References: <52F339CA.5070305@gmail.com> <20140206090117.GD2821@calimero.vinschen.de> <52F361C5.3000807@gmail.com> <20140206141321.GI2821@calimero.vinschen.de> <52F40208.5030901@etr-usa.com> <20140207094917.GN2821@calimero.vinschen.de> <449939081.20140207164918@mtu-net.ru>
In-Reply-To: <449939081.20140207164918@mtu-net.ru>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes

On 2/7/2014 05:49, Andrey Repin wrote:
>
> LDAP IS simple.

Anything tied to a PKI is going to be pretty complex, no matter how 
simple the underlying tech is.

Then there's the fact that LDAP derives from X.500, a prototypically 
overengineered OSI emission.  DC=my,DC=sub,DC=domain,DC=com.  P'tui!

> It's a shame it is so little known outside specific circles.

I blame the books.

Several years ago, I bought most of what was available, since we needed 
to do user authentication against an existing AD system in a custom 
software system, to avoid parallel user management.

The most useful book I found was "LDAP: Programming Directory-Enabled 
Applications with Lightweight Directory Access Protocol", by Howes and 
Smith, since it covers things from the C API level upward.  Most other 
LDAP books either don't cover the programming level at all, or mention 
it briefly on their way down from the directory service level.

The thing is, the book was written way back in 1997, before OpenLDAP was 
forked from the umich LDAP reference implementation.  A huge number of 
the things the book says no longer applies because the API has changed 
out from under it.  Many of the examples that do still work give 
deprecation warnings, or need to be compiled with -D flags to re-enable 
APIs that are marked for deprecation.

I did a search on Amazon, sorting all LDAP books by release date.  The 
newest one that covers programing looks to be Howes & Smith's other 
book, "Understanding and Deploying LDAP Directory Services" (coauthored 
with Good) which came out in 2003.[1]  The book primarily covers 
administration of the Netscape (!) Directory Server.  It does cover LDAP 
programming in a couple of chapters spanning 150 pages, but most of the 
examples are in Java.  There is a touch of C and Perl, only.  Even if 
you count all the code samples together and ignore the language and API 
differences, you can't call this anything but a whirlwind overview of 
LDAP programming.

"Mastering OpenLDAP" is billed as "for developers", but there isn't a 
line of C code in the book.  (Or any other programming language, 
really.)  It's a sysadmin book.

It's not even the case that all the teaching material has moved online. 
  The OpenLDAP programming manual is a pile of man pages.[2]  Man pages 
are great, but go toss a neophyte into that pile and see if she doesn't 
come out welted, weary and wincing.

Given this, it's no wonder those who can write LDAP based software are 
seen as a kind of elite.  Acquiring a working knowledge of LDAP 
programming is akin to a baleen whale feeding itself.


----------

[1] Amazon claims it was updated in 2013, but it's just a paperback 
re-issue of their 2003 hardback title.

[2] http://goo.gl/gE2e6P

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple