--On Monday, May 21, 2012 5:18 PM -0400 "Charles T. Brooks"
<[email protected]> wrote:
I prefer testing and solid evidence rather than trusting to luck. And
I'm well aware of OpenSSL/NSS issues. But I think our architectures are
based on different assumptions, Quanah.
I don't use syncrepl. I use slurpd, and I run it without incident for
years at a time. I am currently feeding OL 2.4 systems (Red Hat 6.2)
and 2.3 systems (Red Hat 5.x) from a master 2.3 system without issues,
all using Red Hat packages. Slurpd is more bandwidth efficient than
syncrepl, and I do not have any of the problems syncrepl was designed to
solve, so using syncrepl would be a regression for me. I already have
the ability to sync any or all replicas in minutes if needed, and all my
applications implement LDAP failover at the client, so I can bring down
any server any time I wish. Syncrepl offers me nothing. Cn=config
offers less; it does not yet have all the functions of slapd.conf
(although I am running it on the 2.4 nodes) and it puts a master
password in the database, a password which previously was not LDAP
accessible.
Then your usage vastly differs from the norm, and should not in any way,
shape, or form, be used as a platform for giving advice to people who are
freshly deploying OpenLDAP.
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
