I would second OpenLDAP, having used it in production at two different
employers. It's always been stable and reliable. If you're restarting
slapd every 15 minutes I'd take a good hard look at the problem versus
just migrating away from it.
On that note, we recently migrated to Active Directory from OpenLDAP,
primarily because we migrated from Zimbra 4.5 to Exchange (and
Exchange requires AD). It wasn't without much kicking and screaming,
but in the end it was the best move for our users. The tricky part was
switching Linux systems which had been authenticating reliably and
smoothly to OpenLDAP to using Winbind instead (primarily because of AD
group support). Even though it largely works, I would say that in a
large production environment I prefer OpenLDAP for centralized
authentication over AD, especially since we're a predominately Linux/
UNIX environment.
- Chris
On 1 Aug, 2008, at 5:47 PM, Craig White wrote:
On Fri, 2008-08-01 at 17:33 -0700, nate wrote:
I personally don't like LDAP (after having used it for many years
now).
I do use it at home, though only two of the 6 systems I have are
actually using it (I also use it for mail routing but that is a
legacy thing I set up 7 years ago that I haven't gotten around to
migrating off of). I'm in the slow process of migrating my company's
systems off of LDAP, they are using it for authentication and it's
horribly unreliable and I hate that single point of failure and
the complexity of setting it up and maintaining it. They have a
cron script that restarts the LDAP services every 15 minutes and
they restart nscd on all of the servers every hour. And still even
I get complaints on occasion about not being able to log in and I
have to go restart nscd again or at least invalidate the nscd
passwd cache (nscd -i passwd).
----
LDAP is as stable as anything I've ever used but I have to admit that I
don't use nscd anywhere because I would suspect, that is what is killing
you. I stopped using nscd when I went to LDAP for that reason.
It's not uncommon for my primary LDAP servers to have uptimes of over 9
months and never restarting though Red Hat made a curious choice of
using sleepy-cat 4.3 on RHEL 5 which is totally not recommended by
OpenLDAP developers. http://www.openldap.org/faq/data/cache/44.html
I suppose if you wanted to have a stable LDAP, you would investigate
with the developers of OpenLDAP.
Craig
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos