directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tillinghast, Andrew P." <atill...@conncoll.edu>
Subject Best choice for production LDAP?
Date Wed, 11 Jul 2012 13:50:15 GMT
This seems a straight forward question but looking back through the archives I don't see it
asked in the last year - in October there was a similar question but not quite what I want
to know.


I need to set up a production LDAP solution and I'm looking for guidance on the version of
apacheDS to implement.

First of all the last version that was marked as "Stable" is 1.0.2 from May of 2007, all the
1.5.x versions are identified as "unstable" - Usually production and unstable aren't a good
combination.

I completely understand that the 2.0.0 milestone releases are beta - also not usually good
for production.

Unfortunately, for a production implementation there are features missing from the 1.5.x versions
that I consider extremely important, specifically multi-master replication.

Besides stability of a beta release the other key issue I see with the 2.0.0 releases is that
the documentation is still sparse, completely reasonable for a beta version but will make
implementation more of a challenge.

I'm leaning towards ApacheDS because the product is Java based, seems to have a great feature
set, and I've had a good history with Apache projects, but I'm willing to look at switching
to another LDAP solution if ApacheDS isn't ready for our needs.


To give an idea of our production needs:

We are a high education institution with about 2,500 Staff, Students and Faculty.
We have approximately 30,000 alumni that continue to have access to various systems through
CAS.
We are completely revamping our IAM implementation from AD, Custom scripts and CAS to a central
Identity vault (where we see apacheDS in the system) fed by SPML from our ERP, integrated
with Grouper, CAS, Shibboleth, Federated Identity, Kerberos and Guest registration through
OpenRegistry.
Desired to be in production by the 13th of August, and I'm the only technical person tasked
with the implementation.




Andrew Tillinghast
Sr. Web Developer
atilling@conncoll.edu
270 Mohegan Avenue
New London, CT 06320-4196
Ph:860 439-5265 Fax: 860 439-2871
P Think before you print
CONFIDENTIALITY: This email (including any attachments) may contain confidential, proprietary
and privileged information, and unauthorized disclosure or use is prohibited. If you received
this email in error, please notify the sender and delete this email from your system.





Mime
View raw message