If LDAP is so good, why isn't it the enterprise directory service
solution? The answer is that there are considerations that prevent LDAP,
by itself, from providing a complete solution. For example, data that
would be very useful if available in a directory service is often contained
in non-directory repositories. Examples of these foreign repositories
include:
- SQL (Oracle, Sybase)
- PeopleSoft
- Lotus Notes
- cc:Mail
- Proprietary data store
So what do you do when you have data that would be useful if available
through a directory service but it is kept in some other datastore?
What do you do if you have data that can only be maintained and managed
by certain departments (Human Resources, for example)? What happens
when political considerations within an organization demand that certain
data be owned by certain organizations? What do you do when you have
a significant investment in existing, non-LDAP-compliant software?
Some additional service must be used to connect these disparate entities
together. This service would translate or map data from one source (or
type) into another. This is what iPlanet Meta-Directory (iMD) does.
Interestingly, the repository that iMD uses to hold the data it consolidates
from different sources is an LDAP data store. So the ultimate answer
to the opening question is that LDAP is the enterprise directory
service solution.
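
The mapping step described above, sketched as an added example (not iMD's own code or configuration): rows from a SQL repository and a mail system are consolidated into LDAP-style entries, each attribute is accepted only from the department that owns it, and values from foreign sources are escaped per RFC 4514 before they become part of a DN. The `OWNERS` policy, the `employee` table, the base DN and all sample rows are assumptions constructed for the illustration; SQLite stands in for the SQL repository.

```python
import sqlite3

# Hypothetical ownership policy: the only source allowed to write each attribute.
OWNERS = {"cn": "hr", "title": "hr", "mail": "mail"}

def escape_rdn(value):
    """Escape a value for use inside a DN (RFC 4514) so source data cannot reshape it."""
    chars = ["\\" + c if c in ',+"\\<>;=' else c for c in value]
    if chars and chars[0] in ("#", " "):
        chars[0] = "\\" + chars[0]          # leading '#' or space must be escaped
    if len(chars) > 1 and chars[-1] == " ":
        chars[-1] = "\\ "                   # so must a trailing space
    return "".join(chars).replace("\x00", "\\00")

def consolidate(sources, base_dn="ou=People,dc=example,dc=com"):
    """Merge (source_name, rows) pairs into entries keyed by DN, enforcing ownership."""
    entries, rejected = {}, []
    for source, rows in sources:
        for row in rows:
            dn = f"uid={escape_rdn(row['uid'])},{base_dn}"
            entry = entries.setdefault(dn, {"uid": row["uid"]})
            for attr, value in row.items():
                if attr == "uid" or value is None:
                    continue
                if OWNERS.get(attr) != source:
                    rejected.append((source, dn, attr))   # not this source's data
                    continue
                entry[attr] = value
    return entries, rejected

def demo():
    # Constructed sample data: an HR table and one record from a mail system.
    db = sqlite3.connect(":memory:")
    db.row_factory = sqlite3.Row
    db.execute("CREATE TABLE employee (uid TEXT, cn TEXT, title TEXT)")
    db.executemany("INSERT INTO employee VALUES (?, ?, ?)", [
        ("jdoe", "Jane Doe", "Engineer"),
        ("x,ou=Admins", "Eve Example", "Contractor"),  # uid containing DN syntax
    ])
    hr_rows = [dict(r) for r in db.execute("SELECT uid, cn, title FROM employee")]
    mail_rows = [{"uid": "jdoe", "mail": "jdoe@example.com", "title": "Director"}]
    return consolidate([("hr", hr_rows), ("mail", mail_rows)])

if __name__ == "__main__":
    merged, refused = demo()
    for dn, attrs in merged.items():
        print(dn, attrs)
    print("rejected:", refused)
```

The mail system's attempt to set `title` is recorded in the rejected list rather than applied, and the second HR row stays under `ou=People` because its `uid` is escaped instead of being read as extra DN components.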