[TriLUG] Best of breed LDAP solution
Jeremy Portzer
jeremyp at pobox.com
Wed Nov 19 19:24:58 EST 2008
Hello,
Does anyone have any recent experience with LDAP deployments across
reasonably large environments (we have 1000+ hosts)? We use LDAP for
traditional Unix host authentication/authorization, as well as various
other web apps. We currently use Fedora Directory Server but are having
many problems with its multimaster replication, and have hit some walls
in troubleshooting it. While I believe we probably can fix it,
management has asked for us to consider other directory server products
(including commercial ones), if they would offer better features and
long-term support. I'm wondering if anyone can offer their recent LDAP
deployment experiences?
Our requirements:
* Multimaster replication (or similar) for cluster deployment across
diverse geographical sites
* Scalability to 1000's of hosts
* Some sort of GUI administration (I guess web-based would be
preferred; Fedora DS's Java-based admin tool is acceptable but painful
to set up, and very slow over LANs)
* Runs on RHEL, preferably playing nice with other apps on the same host(s)
* Sane backup, disaster recovery, and upgrade procedures
Commercial support availability is not a specific requirement, but is
something we'd consider if it has good cost/benefit so I'd be interested
in any thoughts on that also.
Thanks,
Jeremy Portzer
More information about the TriLUG
mailing list