[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Monitoring 2.3.43?

That makes me wonder what his script is doing... Sounds like the script is handling some part of the replication.

Cent6.2 has been out for quite a while, with OpenLDAP 2.4.23 binaries. Considered old and 'unsupported' by the OpenLDAP crew, but still working flawlessly in our simple setup (used for just system auth for ssh, sudo, svn, etc.). We are using ppolicy, but found the syncing password failures AND having a user's actual password be checked (making the password failure sync useless) turned out to not be doable (I won't say possible as I'm open to our configs being off, but haven't heard any suggestions).
In short, I understand not wanting to compile and support your own binaries, but Cent6.2 is a pretty easy upgrade (opt for sssd vs pam_ldap).

- chris

Chris Jacobs
Systems Administrator, Technology Services Group

Apollo Group  |  Apollo Marketing & Product Development  |  Aptimus, Inc.
1501 4th Ave  |  Suite 2500  |  Seattle, WA 98101
direct 206.839.8245  |  cell 206.601.3256  |  Fax 206.644.0628
email: chris.jacobs@apollogrp.edu

----- Original Message -----
From: openldap-technical-bounces@OpenLDAP.org <openldap-technical-bounces@OpenLDAP.org>
To: openldap-technical@openldap.org <openldap-technical@openldap.org>
Sent: Sat Jun 16 10:02:10 2012
Subject: Re: Monitoring 2.3.43?

 On Sat, 16 Jun 2012 17:49:07 +0200, Turbo Fredriksson wrote:
> After monitoring a colleagues batch modifications, I now see that the
> contextCSN now match:
>     paragon:    20120616153755.474331
>     kelvin:     20120616153755.474331
> This, BESPITE that the actual ppolicy does NOT exist on kelvin!

 And even worse: Some modifications does not propagate to the slaves!
 Sometimes. Running his script again, the changes seems to be there..
 ... but you know as soon as Oracle starts waving its wallet at a
 Company it's time to run - fast.
 /illumos mailing list

This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.