On 04/12/12 22:02, Gregory Haverkamp wrote:
In my base, it was back-relay. back-ldap fixed the back-relay problem
(with a performance degradation), but then I encountered oodles of
problems with back-ldap, followed by back-meta, after which I was forced
to scrap any hope of maintaining my legacy naming context without
synchronization.
I started a bug report on one of them, but I was in the middle of a
roll-out of the new directory infrastructure, and I never got back to
all three problems.
Hi Greg,
Hmm..
In my case I would have to shelve ppolicy until all my clients had been
converted - I have over 150 clients and 600 user accounts (under my
control) but LDAP is not just used by PAM/NSS (if it were it would be
easy) - there are undocumented usages in apache configs, Confluence,
possibly webapps written in all manner of languages etc etc.
It's a real mess...
Cheers,
Tim
--
Tim Watts
Personal Blog:
http://www.dionic.net/tim/
"It would be better to live under robber barons than under omnipotent
moral busybodies."
