Thank you Alejandro,<br><br>Yes, we are using OpenLDAP, running on Ubuntu 10.04<br><br><br><div class="gmail_quote">On Fri, Aug 5, 2011 at 10:27 AM, Alejandro Imass <span dir="ltr"><<a href="mailto:aimass-EzYyMjUkBrHQFizaE/u3fw@public.gmane.orgm">aimass-EzYyMjUkBrFWk0Htik3J/w@public.gmane.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div class="im">On Fri, Aug 5, 2011 at 7:48 AM, John Miles <<a href="mailto:jmiles242-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org">jmiles242@gmail.com</a>> wrote:<br>
> Hi,<br>
><br>
> I need some direction on where to start with a solution for replacing some<br>
> LDAP infrastructure.<br>
><br>
> We presently have 1 LDAP server.<br>
><br>
<br>
</div>OpenLDAP?<br>
<div class="im"><br>
> My manager desires multiple LDAP servers (and so do I for failover/disaster<br>
> recover)<br>
><br>
<br>
</div>[...]<br>
<br>
> Model 1:<br>
<br>
[...]<br>
<br>
<br>
OpenLDAP supports several replication models including n-way<br>
replication, and should handle several thousand users on a single<br>
sever without a hiccup. Unless your set-up is extremely huge your<br>
proposed schemes seem overkill IMHO.<br>
<br>
The easiest scheme in my experience is master -> slave where the slave<br>
is just a passive warm stand-by server. When the master goes down,<br>
just change the IPs and the config files and re-start the slave as<br>
master while you fix the old master to create a new slave. The<br>
downtime is minimal and it's easily automate-able, and there are no<br>
other external components like an LDAP reverse proxy/balancer or<br>
anything like that. The truth is, that unless you partition your DIT<br>
and use referrals, etc. you will _always_ have a single point of<br>
failure so many elaborate schemes are just complications that will<br>
bite you down the line.<br>
<div class="im"><br>
> Anyone have experience setting up something like this?<br>
><br>
<br>
</div>If it's OpenLDAP I could help out more.Is this only LDAP or LDAP + Samba ?<br>
<br>
> Thank you!<br>
><br>
> John.<br>
<div><div></div><div class="h5">><br>
--<br>
The Toronto Linux Users Group. Meetings: <a href="http://gtalug.org/" target="_blank">http://gtalug.org/</a><br>
TLUG requests: Linux topics, No HTML, wrap text below 80 columns<br>
How to UNSUBSCRIBE: <a href="http://gtalug.org/wiki/Mailing_lists" target="_blank">http://gtalug.org/wiki/Mailing_lists</a><br>
</div></div></blockquote></div><br>