[36304] in Kerberos

home help back first fref pref prev next nref lref last post

RE: Replicated LDAP as backend

daemon@ATHENA.MIT.EDU (Paul B. Henson)
Tue Jul 29 16:42:20 2014

From: "Paul B. Henson" <henson@acm.org>
To: <kerberos@mit.edu>
In-Reply-To: <1406295631.32174.1.camel@vikktakkht.kf8nh.com>
Date: Tue, 29 Jul 2014 13:41:58 -0700
Message-ID: <1fee01cfab6d$8d4666e0$a7d334a0$@acm.org>
MIME-Version: 1.0
Content-Language: en-us
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

> From: Brandon Allbery
> Sent: Friday, July 25, 2014 6:41 AM
>
> Multi-master replication works fine, and is arguably the only sensible
> reason to use the LDAP backend in the first place --- it's slower and
> more painful to manage compared to the standard backend.

We've been running multi master on top of openldap for a few years now, and
it works great. We have kadmin behind a hardware load balancer, which
automatically transitions clients to one of the secondary servers if the
master fails.


________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home help back first fref pref prev next nref lref last post