Am Fri, 13 Dec 2013 18:40:02 +0100 (CET) schrieb Christian Kratzer <[email protected]>:
> Hi, > > I have been thinking about a scalable multi site deployment > architecture for openldap where I would like to: > > - Have a small number of master servers centrally in the enterprise > with MMR. > > - All account provisioning would be at the central sites. > > - Have multiple edge sites replicate of those masters in a star > toplogy with MMR. > > - Allow writes to those edge sites for the purpososes of > slapo_ppolicy, slapo_lastbind and password changes. > > I would like to avoid fully meshing all servers for MMR and would > prefer a star topology where each edge site only replicates with the > central site. > > I would also like to avoid chaining. See my previous posts why. > > Before I set this up in my lab I would like a second opinion. The > customer is asking for best practice in large deployments. Michael is quite correct in his comments regarding slapo_policy, but in priciple i have realised this design in a cascading directory with more than 100 slaves. -Dieter -- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:DA147B05 53°37'09,95"N 10°08'02,42"E
