[Beowulf] Poll - Directory implementation

[Tom Harvill]

[Because of my ignorance I mistakenly posted this inside of a list 
thread.  I'm sending it again cleanly.]

Hello,

Long time lurker, very infrequent poster - I enjoy this list very much.

We run multiple clusters in different data centers with a single 
directory (LDAP) for general authentication and some user grouping for 
special purposes (eg delineating admin users for privileges). We put 
'extra' user data in an RDBMS.

We currently use 389-DS (aka Fedora Directory Server) and there is some 
internal pressure to switch to OpenLDAP.

389-DS is working well, we use the multi-master feature.  It really 
hasn't failed us.

I'm writing this list to ask:

- what directory solution do you implement?
- if LDAP, which flavor?
- do you have any opinions one way or another on the topic?

Because 389-DS has just worked, it's sort-of out of sight and mind. I've 
been re-engaging it for a little while and from what I can see it's 
fairly well documented (I don't remember this being the case when we 
originally set it up 10+ years ago.)  I think OpenLDAP doesn't have 
integrated multi-master replication - that feature appears to be a 
bolted on script.

Thanks in advance for your time,

Tom

Tom Harvill
Holland Computing Center
https://hcc.unl.edu