[Beowulf] Poll - Directory implementation

Tom Harvill unl at harvill.net
Wed Oct 24 10:55:51 PDT 2018



On 10/24/2018 12:03 PM, Tina Friedrich wrote:
> Hello,
>
> I was about to ask that, as well - why the push for change?

Hi Tina,

The current systems are running on CentOS5 so we're behind there, thus 
the motion.  As for the platform shift, we have a sort-of 'change is 
always good' philosophy here (that I'm not always on board with 
frankly).  Plus, I think some view 389-DS as a sort-of black box.  
People who work here like the ability to get under the hood (even if 
they never need to).

> PS: I'm pretty sure OpenLDAP can do multi-master replication, actually.

Thank you.

>
> On Wednesday, 24 October 2018 12:53:33 BST Michael Di Domenico wrote:
>> we use openldap where i work now.  it's working fine.  i guess the
>> first question to you is, why the push to switch?
>>
>> On Wed, Oct 24, 2018 at 12:43 PM Tom Harvill <unl at harvill.net> wrote:
>>> [Because of my ignorance I mistakenly posted this inside of a list
>>> thread.  I'm sending it again cleanly.]
>>>
>>> Hello,
>>>
>>> Long time lurker, very infrequent poster - I enjoy this list very much.
>>>
>>> We run multiple clusters in different data centers with a single
>>> directory (LDAP) for general authentication and some user grouping for
>>> special purposes (eg delineating admin users for privileges). We put
>>> 'extra' user data in an RDBMS.
>>>
>>> We currently use 389-DS (aka Fedora Directory Server) and there is some
>>> internal pressure to switch to OpenLDAP.
>>>
>>> 389-DS is working well, we use the multi-master feature.  It really
>>> hasn't failed us.
>>>
>>> I'm writing this list to ask:
>>>
>>> - what directory solution do you implement?
>>> - if LDAP, which flavor?
>>> - do you have any opinions one way or another on the topic?
>>>
>>> Because 389-DS has just worked, it's sort-of out of sight and mind. I've
>>> been re-engaging it for a little while and from what I can see it's
>>> fairly well documented (I don't remember this being the case when we
>>> originally set it up 10+ years ago.)  I think OpenLDAP doesn't have
>>> integrated multi-master replication - that feature appears to be a
>>> bolted on script.
>>>
>>> Thanks in advance for your time,
>>>
>>> Tom
>>>
>>> Tom Harvill
>>> Holland Computing Center
>>> https://hcc.unl.edu
>>>
>>> _______________________________________________
>>> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
>>> To change your subscription (digest mode or unsubscribe) visit
>>> http://www.beowulf.org/mailman/listinfo/beowulf
>> _______________________________________________
>> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
>> To change your subscription (digest mode or unsubscribe) visit
>> http://www.beowulf.org/mailman/listinfo/beowulf
>



More information about the Beowulf mailing list