[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP Sync or Slurpd?

--On Wednesday, May 12, 2004 11:02 AM -0400 "Brian K. Jones" <jonesy@CS.Princeton.EDU> wrote:

Hi all,

I've read the Admin guide for OpenLDAP 2.2.x, and I've just downloaded
2.2.11  (I'm moving to this from the latest 2.1.x release -- 22 maybe?).

Anyway, I haven't really had many problems with slurpd in terms of speed
or  reliability, so I'm wondering what syncrepl really gives me that
slurpd  doesn't. Was this designed to be more secure? More
stable/reliable? All of  the above?

Is this a precursor (or, um, prerequisite) to doing multimaster
replication  with OpenLDAP?

Is slurpd going to be phased out at some point in favor of this new
method? Thanks,

Syncrepl is supposed to be the eventual replacement for slurpd, since slurpd isn't maintained overall. There are a number of advantages to syncrepl over slurpd long term. Faster updates (we currently have an issue with the speed at which slurpd replicates, so we give a few select systems access to the master) is one on our list. Another interesting capability with syncrepl is that you can give a specific replica its own access rule, which means that you can replicate not only subtrees, but only certain entries in subtrees. For example, we have a person tree (cn=people,dc=stanford,dc=edu). Now, with slurpd, I could replicate just that tree to another replica. With synrepl, I can replicate all the people in that tree that belong to a specific organization based off an attribute filter (ou=itss). This means I can deploy departmental replica's if I want.

Although I'd wait until 2.2.12 for syncrepl, I have a bug filed against the 2.2.11 version.


Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html