--On Thursday, September 04, 2014 3:30 PM -0700 Quanah Gibson-Mount
<[email protected]> wrote:
--On Thursday, September 04, 2014 10:14 PM +0000 Sterling Sahaydak
<[email protected]> wrote:
Just updated slapd.conf with CA Certs and trying to get mirroring
synchronization to work.
Running into the following:
slapd -d sync
@(#) $OpenLDAP: slapd 2.4.23 (Feb 3 2014 19:11:35) $
Don't waste your time using this build, as you were already informed on
IRC.
Since you quit IRC in a huff, I'll give you some follow on thoughts:
a) It is not the community's job to support the broken builds that RHEL
created. They are known to have numerous problems, some of which were
inflicted by RH itself by doing custom patches against OpenLDAP.
b) 2.4.23 is over 4 years old at this point. There have been numerous bugs
fixed since that release, particularly around MMR.
c) RHEL links to the non-standard NSS encryption libraries, which are
utterly broken in concept, which may be the cause of your cert issues
d) There are freely available current alternatives to using the crap
shipped by RHEL if you are not comfortable with building OpenLDAP yourself.
You should investigate using them rather than complaining that the
community is refusing to support RHEL's garbage.
Alternatives:
<http://www.symas.com/> - They offer free OpenLDAP builds sanely linked to
OpenSSL. They also provide support contracts, with extremely knowledgable
staff (The primary openldap developer works for them, for example).
<http://ltb-project.org/wiki/> - They offer free OpenLDAP builds sanely
linked to OpenSSL. They also have a support forum for their builds.
--Quanah
--
Quanah Gibson-Mount
Server Architect
Zimbra, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
