New LDAP Stuff and Musings on System Integration

I've got some new articles posted over on lembobrothers.com under my personal home page. Two of them deal with using the Net::LDAP perl module to connect to LDAP directories over TLS or SSL. The latter includes a script I wrote to connect to an SSL enabled Active Directory. Speaking of Active Directory, I've also got a short piece on SSL Enabling Active Directory and another on forcing AD passwords using Net::LDAP from a Unix box.

My work in directory services continues to be more and more concentrated on integration with other systems, particularly COTS (Commercial Off-The-Shelf) software. Contrary to what most CIO's seem to believe, dropping COTS (also called "packaged software") into an environment can cost as much in integration expense as writing something in house from the ground up, A big difference between the two approaches is that closed-source COTS software can continue to generate unanticipated expense when patches or upgrades "break" existing integration solutions. Fear of these kinds of hard costs will often lead internal project teams to shy away from promising any level of integration at all, resulting in a net loss of functionality for users. To be honest, I don't blame internal IT. The fact is that many -- no, most -- integration solutions from commercial vendors are "Rube Goldberg" affairs whose fragility make it a sure bet that eventually there will be a "crash and burn".

That's too bad. Open source software and community support tools like wikis, forums and plain old cvs could revolutionize how IT gets the job done, and lead to huge improvements in both the quantity and quality of what the end user receives.