[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Have you seen this FUD - IT pros suffer OpenLDAP configuration headaches ?

> From: Howard Chu
> Sent: Tuesday, May 13, 2014 3:59 PM
> That's not really dynamic configuration. Anything that requires you to
> physically login to a server to issue a change is not scalable. With cn=config
> you can delegate configuration privileges across an arbitrarily large network,
> without requiring any host/OS privileges.

Ah, yes, the "I'm going to redefine terminology so your argument is no longer valid" approach.

I never said I had to or planned to physically login to a server to make a change. I simply said that reloading a flat text configuration file and applying any configuration changes in it is a valid and reasonable approach. Perhaps in a scenario where the person managing the LDAP server configuration does not have any operating system privileges, your feature would be invaluable. But in an environment where the person managing the operating system configuration itself is also managing the LDAP server configuration, it is meaningless. What next, you're going to offer the feature for slapd to proxy changes to the operating system configuration files via the LDAP interface? You just don't seem to understand or accept that deployment scenarios other than the one you envision exist, are useful, or should be supported, and that the ability to manage openldap via existing infrastructure that is already managing other systems and applications is a valuable feature.

> Most people didn't "need" electricity when they still had oil lamps...

Many people still drive a manual transmission vehicle even after the widespread availability of the automatic transmission. See, I can spew irrelevant platitudes tooâ

You can reply to this if you like, but I'm done with the debate, as clearly you will never accept an alternative viewpoint and banging my head against a concrete wall is not my favorite hobby. While I have great respect for your skills and knowledge, and great appreciation for your work with openldap, I think your opinion on this particular topic is a bit too artificially ingrained.