OpenLDAP replication modes

OpenLDAP 2.4 offers a range of replication configurations, from the usual master-initiated master-to-slave replication to multi-master and mirror mode replication. Moreover, OpenLDAP offers granular replication, push- or pull-based replication, with or without a changelog. From my own experience, I’d recommend using multi-master push-based replication, as long as the expected number of updates remains "reasonable". I was recently notified of an unexpected stalled replication between two master servers, with OpenLDAP 2.4.31, although it’s a rather recent version, when using the "RefreshOnly" mode.

OpenLDAP as an authentication database for Unix clients

I recently had to set up a couple of OpenLDAP servers in mirror replication mode, to authenticate users accessing Unix hosts, ranging from Fedora 11 to 14, and CentOS 6. I had already set up that kind of solution a few years ago, and I have to say it’s a lot more mature and stable now. I mean both the client and server sides have been improved, especially with OpenLDAP 2.4.31, which proves to be the first 2.4.x "production" version.

