Speaking of LDAP and PHP...
I have inherited a couple of applications which perform some sort of authentication and then query LDAP for info about the authenticated uid. They then stick this info into a mysql database table.
Now as time passes, the 'private' data in mysql drifts from the Authoritative data in LDAP.
Ideally, I suppose, the apps needn't keep their LDAP derived data privately, since they can always look up the latest data with another ldap search. Otherwise, the app would need to perform periodic resynchronizations with LDAP.
What would you ETS Systems folks prefer? in terms of both security and performance?