[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Article about OpenLDAP Proxy Server (ITS#3130)

the article has been already published.
Anyway thanx for the comments.

Keep in mind however that the objective of this article was to show that 
there's not only expensive commercial software to satisfy the needs of an 
LDAP proxy, but also open-source software that performs very well and 
offers good functionality.

I was also tempted to spend more space about interesting concepts such as 
load balancing, partitioning and other subjects, but the space available 
for such an article is short, treating these arguments in more details the 
article would have been four times as much. So I preferred to mention them 

Do you think it would be useful to work out an extended version for users 
of the OpenLDAP site ?

Reinhard E. Voglmaier

"Howard Chu" <hyc@highlandsun.com> 
04-mag-2004 21:12
rv33100@gsk.com, openldap-its@OpenLDAP.org

RE: Article about OpenLDAP Proxy Server (ITS#3130)

I take it this article has already been published?

If not, I have a few comments:

re: saving your configure command in a shell script, I guess that's a 
thing to do, but note that there is already a generated config.status file
that shows your configuration options and all the results of such.

I don't see the logical path from "being able to define multiple backends" 
"load balancing." Splitting a database into separate parts does not imply
what is commonly thought of as load balancing. Spreading identical copies 
a database across multiple servers accomplishes that.

Describing the LDAP server as logically consisting of only two parts
(frontend and backend) is misleading, especially when you then go on to
introduce the proxy cache which is definitely neither front nor back. 
qualifying it as "mainly two parts, with notable extensions in 2.2.x" 
have been better.

re: Installing the server, I'd just like to point out that Symas provides
tested, certified packaged binaries of OpenLDAP for all the major Unix
platforms, Linux, and also Windows. The fact that they're created by 
who knows how everything is *supposed* to work gives a level of certainty
that no one else can offer: No dependency clashes, no version conflicts, 
miscompiled dependent libraries, It Just Works.

re: the configure options - note that as of OpenLDAP 2.2.9 the configure
option for overlays changed to use the --enable-XXX syntax instead
of --with-XXX.

re: chaining - it seems pointless to say "one reason for partitioning may 
to improve performance" without mentioning how performance may be 
To my mind, partitioning always decreases performance; it's only done as a
last resort when a database has grown too big to live in one space. If 
going to allude to performance improvements, you should provide more 
for such a statement.

Also, listing 6 is unusable without the addition of "subordinate" keywords 
the first two database clauses.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support

> -----Original Message-----
> From: owner-openldap-bugs@OpenLDAP.org
> [mailto:owner-openldap-bugs@OpenLDAP.org]On Behalf Of rv33100@gsk.com
> Sent: Tuesday, May 04, 2004 5:28 AM
> To: openldap-its@OpenLDAP.org
> Subject: Article about OpenLDAP Proxy Server (ITS#3130)
> Full_Name: Reinhard E. Voglmaier
> Version: 2.2.11
> OS: Sun Solaris 2.9
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (
> I uploaded the article as pdf in incoming:
> Reinhard-Voglmaier-040504.pdf