October 1st, 2011, 02:17 PM
Linking LDAP users with databases - design considerations
There's a company X (a call center) with about 300 workstations and a task to implement LDAP for user authentication. Fine. We put non-volatile user information (UIDs, e-mails, first and last names) to LDAP directory – everything by the book. There are also several databases with information about calls, time management, etc.
By theory, these databases should have only one parameter in common with LDAP directory - the user ID (UID). In practice, to call a LDAP directory every time first and last names are needed (that is, almost every time some query results are displayed) seems to be inelegant. The second thought is to replicate some LDAP data in each such database. Or are there some other tricks? What is considered to be the best practices here?
This is a trivial task, and there must be hords of sysadmins, who have done it before. I'm sure someone can share some relevant links.