directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: [ApacheDS] Should I migrate to Apache DS?
Date Wed, 27 May 2015 02:23:34 GMT
On Wed, May 27, 2015 at 9:38 AM, John Lewis <oflameo2@gmail.com> wrote:

> Recently I ran into issues with a couple of other authentication servers
> when I attempted to use them on LXCs on my  VPS to avoid having to avoid
> having a whole bunch of password databases.
>
> With Samba4 I ran the edge of the feature set and lost out on a third of
> the reasons I would use LDAP in the first place
> https://lists.samba.org/archive/samba/2015-May/191867.html by not having
> replication I can depend on due to the FSMO inability to seizing the
> Domain DNS Zone Master and Forest DNS Zone Master roles. I only have
> fail over if the wrong LDAP server doesn't fail.
>
> I tried OpenLDAP as well, but my problems can be described simply as a
> lack of a good way to deal with cn=config. The setup and maintenance got
> too costly to justify its use and the documents and the tools haven't
> caught up with the new configuration style.
>
> If I attempted to to migrate from Samba4 to Apache DS, will I run into
> anything game-breakingly weird that would make me want to try libpam-pgsql?
>
> the only likely issue is the samba schema, the one present in ApacheDS was
last updated in
November 2010, it doesn't contain latest samba schema has, if any.

Other than that ApacheDS has been working with PAM modules, so it should
work.

I suggest you check if the existing* schema is enough or it needs to be
updated, I can lend a hand if needed,
keep us posted on your progress.

* connect to ApacheDS server using Directory Studio and look under
cn=schema for all the supported
  schemas

-- 
Kiran Ayyagari
http://keydap.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message