directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tanguy tlrx <>
Subject Re: OpenLDAP to ApacheDS Migration | Help Needed
Date Tue, 30 Apr 2013 09:47:36 GMT
Hi Emmanuel,

There is a serious bug that has been detected last week - and introduced
> in M11 - that makes the backend unstable. Basically, using a schema with
> some AttributeType without an Equality MatchingRule leads yo NPE which
> breaks the backend. This bug has been fixed at the end of last week, and
> a release is on its way.

I think we fell on this bug (and maybe another one: when there's a space in
an attribute type of a custom schema, ApacheDS doesn't seem to restart?). I
also think that the Java Service Wrapper sometimes makes difficult to check
if ApacheDS correctly started or not. Unfortunately these problems have
undermined the confidence that the team had in ApacheDS.

The other issues we encountered were mainly imputable to Spring LDAP

> and we are currently evaluating the cost of migrating from
> > ApacheDS 2.0.M11 to OpenLdap 2.24.
> Hoperfully, it should not cost so much, as we tried to be as compatible
> as possible with OpenLDAP.

It tooks us around 1 day to migrate. LDIFs scripts were OK and Apache
Directory Studio helps us to migrate our custom schema.

> Keep in mind that ApacheDS 2.0 is still very young. What I would suggest
> here is pretty simple :
> - if you need a 100% bullet proof server in production, with 24x7
> service, and you feel uncertain that ApacheDS can fulfill your needs,
> then OpenLDAP is certainly an alternative

We definitely need a stable LDAP server, since it will be installed on
customer platforms (and we can't support LDAP software issues).

> - keep in mind that whatever server you will use, you may have issues.
> This is part of the deal : you have to test what you use before going in
> the wild

Sure. We really like the fact that ApacheDS can be embedded for unit
testing. I like to have unit tests running on the same server and
configuration than the production code :)

> - in any case, consider your options carefully. There is no silver
> bullets, and this is a changing world. We try to provide as much help as
> possible, but at some point, you may need some support. Consider
> contacting the people behing all those open source software, most of
> them can provide support and deliver fixes fast anough.

> In any case, even if you decide to switch to OpenLDAP, thanks a lot for
> having used ApacheDS. In the mean time, I hope that the next versions
> will solve the issues you are creently having :)

Thanks for your help. Next time I'll need a LDAP server for a Java
application, I'll check ApacheDS again (but I'll spend less time to get it
work) :o)

-- Tanguy

> --
> Regards,
> Cordialement,
> Emmanuel L├ęcharny

-- Tanguy
twitter @tlrx

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message