* Quanah Gibson-Mount <[email protected]> [20181018 09:26]: > --On Thursday, October 18, 2018 11:10 AM +0200 Michael Ströder > <[email protected]> wrote: > > >On 10/18/18 1:41 AM, Quanah Gibson-Mount wrote: > >>I've had setups with 2-node MMR on the front, and read only consumers. > >>It works just fine, as long as any given consumer only points to one > >>master. Theoretically, it's supposed to work so that consumers can point > >>to more than one master in an MMR setup, but my experience didn't match > >>that (<http://www.openldap.org/its/index.cgi/?findid=8373>). > > > >There's no config in ITS#8373. > >But you mention accesslog DB. > >Does that mean your setup used delta-syncrepl? > > Yes. It was simply a standard Zimbra MMR deployment. > > >If yes, does that issue also apply to normal syncrepl? > > No idea. I generally consider "normal" syncrepl unsafe as using it > can lead to data loss. I use delta-syncrepl exclusively because of > this, with a focus on eliminating all scnearios in which it might > fall back to "normal" syncrepl. (See > <http://www.openldap.org/its/index.cgi/?findid=8125> for example). > > --Quanah
I'd like to follow up on this discussion, sorry if I've taken so long to reply. First, I'd like to thank all that have commented so far, much appreciated. I have a few more questions because some sort of un-easiness about my setup has crept up in view of the different comments that have been written so far. Right now I have 2 Debian Stretch 9.5 servers running 2.4.46 from the stretch backports. Servers are in a MMR setup, using syncrepl for replication (NOT delta-syncrepl), with a LMDB backend. The intent is to use the directory as a users authentication repository for a 100+ workstations-- with what I said above, would such a setup considered safe? Am I asking for trouble down the road with version 2.4.46? Finally, should I rather consider the LTB project for Debian OpenLDAP as been mentioned in some other threads rather than using the Debian backports? I'm a bit reluctant to roll my own packaging from source. Sorry for the very naive questions, I'm still fairly new to OpenLDAP! thanks! jf > > > > -- > > Quanah Gibson-Mount > Product Architect > Symas Corporation > Packaged, certified, and supported LDAP solutions powered by OpenLDAP: > <http://www.symas.com> > -- Jean-François Malouin | IT Operations and Infrastructure McConnell Brain Imaging Centre | Montreal Neurological Institute McGill University | 3801 University St., Room NW119 Montréal QC, H3A 2B4 | 514.398.8924
