LDAP vs. Database (SQL)

LDAP is a protocol for accessing directories; SQL is a query language for databases.

Both systems store data, but the big difference is that directories (like Active Directory) are tuned for far more reads than writes: reading information should be very easy, trivial even (and offer great performance), while updating can be a bit of a pain. Directories are also often distributed, i.e. spread across multiple servers or locations, and offer mechanisms to easily replicate read-only data across locations.

SQL databases, on the other hand, are geared towards a more balanced load of reads and writes, so writes must also be as easy as possible.

So this boils down to:

  • if you have data (like user accounts, permissions) that is mostly read (but not very often updated), then a directory sounds like a great solution.

  • if you need to frequently insert new data and update existing data, then a database is much better suited to your needs. Don't try to create an order entry system inside a directory - it's a poor match.

Those distinctions aren't "absolute" or clear-cut - it's often a judgment call whether to put something into your database or whether it belongs in a directory.

