[Date Prev][Date Next]
Re: OpenLDAP 2.2 and db4 under RHEL4 on Xen 3.0
On Mon, 2006-03-20 at 15:08 -0800, Quanah Gibson-Mount wrote:
> > So while the problems with xen are not the concern of the OpenLDAP
> > developers really, expect to hear more and more from your users about
> > xen and running OpenLDAP on xen. I had just hoped someone with more
> > experience could tell me to just rebuild the bdb stuff with some
> > configure option. I'll be talking to the bdb folks about this.
> As Howard noted, an alternative vendor solution is CDS from Symas
> Corporation. That software installs into its own path (/opt/symas), so it
> doesn't conflict with the ldap libraries shipped by RedHat. I would
> strongly recommend against using the RedHat for a number of reasons:
> (1) They historically do a very bad job of packaging OpenLDAP. This
> pattern continues with their current packaged version
> (2) They have no incentive to "do" OpenLDAP well, since it competes with
> their Fedora DS
> (3) They do not update their distributed version, nor patch it for the many
> known bugs fixed in later releases.
> If what you are looking for is a reliable, robust directory service, then
> using RedHat's packaged version is the wrong thing to do.
I do disagree with some of this, especially as I am beginning to
understand things better.
The Red Hat packages of OpenLDAP within their RHEL have been behind
probably because their customers aren't pushing them to get closer to
current. If their customers were insisting on it, they would update.
Red Hat was distributing out of date OpenLDAP packages long before their
purchase of the NDS which is now the Fedora Directory Services but from
all appearances, it seems that OpenLDAP will continue to be the packages
that are part of the distribution and I haven't seen any sign of that
They do update their distributed version - the bug fixes that they back
port can be determined from the change logs.
If the desire is for a reliable, robust directory service, there's no
doubt that the Red Hat's packaged version is the wrong thing, but as a
client, it's adequate. I also use it for small scale server roles (small
offices, small number of hosts/users).