<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body dir="auto">
Funny, we are considering the exact opposite, and this is our motivation:
<div><br>
</div>
<div><a href="https://access.redhat.com/solutions/2440481">https://access.redhat.com/solutions/2440481</a><br>
<br>
<div id="AppleMailSignature" dir="ltr"><span style="background-color: rgba(255, 255, 255, 0);">--<br>
____<br>
|| \\UTGERS, |---------------------------*O*---------------------------<br>
||_// the State | Ryan Novosielski - <a href="mailto:novosirj@rutgers.edu" dir="ltr" x-apple-data-detectors="true" x-apple-data-detectors-type="link" x-apple-data-detectors-result="1">novosirj@rutgers.edu</a><br>
|| \\ University | Sr. Technologist - 973/972.0922 (2x0922) ~*~ RBHS Campus<br>
|| \\ of NJ | Office of Advanced Research Computing - MSB C630, Newark<br>
`'</span></div>
<div dir="ltr"><br>
On Oct 24, 2018, at 12:54, Michael Di Domenico <<a href="mailto:mdidomenico4@gmail.com">mdidomenico4@gmail.com</a>> wrote:<br>
<br>
</div>
<blockquote type="cite">
<div dir="ltr"><span>we use openldap where i work now. it's working fine. i guess the</span><br>
<span>first question to you is, why the push to switch?</span><br>
<span>On Wed, Oct 24, 2018 at 12:43 PM Tom Harvill <<a href="mailto:unl@harvill.net">unl@harvill.net</a>> wrote:</span><br>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span>[Because of my ignorance I mistakenly posted this inside of a list</span><br>
</blockquote>
<blockquote type="cite"><span>thread. I'm sending it again cleanly.]</span><br>
</blockquote>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span>Hello,</span><br>
</blockquote>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span>Long time lurker, very infrequent poster - I enjoy this list very much.</span><br>
</blockquote>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span>We run multiple clusters in different data centers with a single</span><br>
</blockquote>
<blockquote type="cite"><span>directory (LDAP) for general authentication and some user grouping for</span><br>
</blockquote>
<blockquote type="cite"><span>special purposes (eg delineating admin users for privileges). We put</span><br>
</blockquote>
<blockquote type="cite"><span>'extra' user data in an RDBMS.</span><br>
</blockquote>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span>We currently use 389-DS (aka Fedora Directory Server) and there is some</span><br>
</blockquote>
<blockquote type="cite"><span>internal pressure to switch to OpenLDAP.</span><br>
</blockquote>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span>389-DS is working well, we use the multi-master feature. It really</span><br>
</blockquote>
<blockquote type="cite"><span>hasn't failed us.</span><br>
</blockquote>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span>I'm writing this list to ask:</span><br>
</blockquote>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span>- what directory solution do you implement?</span><br>
</blockquote>
<blockquote type="cite"><span>- if LDAP, which flavor?</span><br>
</blockquote>
<blockquote type="cite"><span>- do you have any opinions one way or another on the topic?</span><br>
</blockquote>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span>Because 389-DS has just worked, it's sort-of out of sight and mind. I've</span><br>
</blockquote>
<blockquote type="cite"><span>been re-engaging it for a little while and from what I can see it's</span><br>
</blockquote>
<blockquote type="cite"><span>fairly well documented (I don't remember this being the case when we</span><br>
</blockquote>
<blockquote type="cite"><span>originally set it up 10+ years ago.) I think OpenLDAP doesn't have</span><br>
</blockquote>
<blockquote type="cite"><span>integrated multi-master replication - that feature appears to be a</span><br>
</blockquote>
<blockquote type="cite"><span>bolted on script.</span><br>
</blockquote>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span>Thanks in advance for your time,</span><br>
</blockquote>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span>Tom</span><br>
</blockquote>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span>Tom Harvill</span><br>
</blockquote>
<blockquote type="cite"><span>Holland Computing Center</span><br>
</blockquote>
<blockquote type="cite"><span><a href="https://hcc.unl.edu">https://hcc.unl.edu</a></span><br>
</blockquote>
<blockquote type="cite"><span></span><br>
</blockquote>
<blockquote type="cite"><span>_______________________________________________</span><br>
</blockquote>
<blockquote type="cite"><span>Beowulf mailing list, <a href="mailto:Beowulf@beowulf.org">
Beowulf@beowulf.org</a> sponsored by Penguin Computing</span><br>
</blockquote>
<blockquote type="cite"><span>To change your subscription (digest mode or unsubscribe) visit
<a href="http://www.beowulf.org/mailman/listinfo/beowulf">http://www.beowulf.org/mailman/listinfo/beowulf</a></span><br>
</blockquote>
<span>_______________________________________________</span><br>
<span>Beowulf mailing list, <a href="mailto:Beowulf@beowulf.org">Beowulf@beowulf.org</a> sponsored by Penguin Computing</span><br>
<span>To change your subscription (digest mode or unsubscribe) visit <a href="http://www.beowulf.org/mailman/listinfo/beowulf">
http://www.beowulf.org/mailman/listinfo/beowulf</a></span><br>
</div>
</blockquote>
</div>
</body>
</html>