On Thu, Nov 20, 2008 at 11:28:31AM +1100, Jeremy Portzer wrote:
Hello,
Does anyone have any recent experience with LDAP deployments across
reasonably large environments (we have 1000+ hosts)?We use LDAP for
traditional Unix host authentication/authorization, as well as various
other web apps. We currently use Fedora Directory Server but are having
many problems with its multimaster replication, and have hit some walls
in troubleshooting it. While I believe we probably can fix it,
management has asked for us to consider other directory server products
(including commercial ones), if they would offer better features and
long-term support. I'm wondering if anyone can offer their recent LDAP
deployment experiences?
Our requirements:
* Multimaster replication (or similar) for cluster deployment across
diverse geographical sites
* Scalability to 1000's of hosts
* Some sort of GUI administration (I guess web-based would be
preferred; Fedora DS's Java-based admin tool is acceptable but painful
to set up, and very slow over LANs)
* Runs on RHEL, preferably playing nice with other apps on the same
host(s)
* Sane backup, disaster recovery, and upgrade procedures
openldap used by most of the distro - a majourity of the developers are
also part of company that provides commercial support (the name of which
eludes me right now). I tend to use phpldapadmin and custom scripts to
manage it.
Commercial support availability is not a specific requirement, but is
something we'd consider if it has good cost/benefit so I'd be interested
in any thoughts on that also. (Note: head office is in the US, so
AU-based support not really necessary)
Thanks,
--Jeremy
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
--
caterpallor, n.:
The color you turn after finding half a grub in the fruit you're
eating.
signature.asc
Description: Digital signature
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html