Hi all, Wondering if any of you have thoughts/experiences with ApacheDS? We've all had trials and tribulations regarding OpenLDAP and while its basically working pretty well in a master/slave relationship, ApacheDS claims more robust replication, etc... Granted I am working with the version bundled with CentOS, I do understand that the latest OpenLDAP is wayyyyyyy betterrrr :) - Aurf
On 05/12/11 1:07 PM, aurfalien at gmail.com wrote:> Hi all, > > Wondering if any of you have thoughts/experiences with ApacheDS? > > We've all had trials and tribulations regarding OpenLDAP and while its > basically working pretty well in a master/slave relationship, ApacheDS > claims more robust replication, etc... > > Granted I am working with the version bundled with CentOS, I do > understand that the latest OpenLDAP is wayyyyyyy betterrrr :)what about the CentOS DS based on Redhat DS ? http://wiki.centos.org/HowTos/DirectoryServerSetup http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/index.html or, 389, formerly Fedora DS, http://directory.fedoraproject.org/ afaik, 389 and RedhatDS are closely related, these are all descendents of the Netscape Directory Server
> Wondering if any of you have thoughts/experiences with ApacheDS?Since we develop mostly Java application we use it for development and testing: developers don't have to install an OS dependent LDAP implementation (especially the poor souls working on Windows). In production we use openldap from CentOS (5.6). As far as authentication / role management goes we have never noticed any significant difference between testing and production. (except for a few attributes where null/empty values are accepted by one but not the other). But we are definitely not pushing them to the limit in our deployments. Please note that we are still on ApacheDS 1.0 since we put this in place a while ago and never felt the need to upgrade it for our development / testing needs. I'd be interested in your analysis and final choice if you test it for production deployments. This is something that I'm considering as well, because of our Java focus. A bit OT with regard to the OP question: this is the occasion to signal that Apache Directory Studio (http://directory.apache.org/studio/), a sister project, is an excellent and powerful LDAP client. It works well in order to access CentOS openldap servers (and obviously ApacheDS as well), and runs well on a CentOS desktop (with the default OpenJDK).
On Friday, May 13, 2011 04:07 AM, aurfalien at gmail.com wrote:> Hi all, > > Wondering if any of you have thoughts/experiences with ApacheDS? > > We've all had trials and tribulations regarding OpenLDAP and while its > basically working pretty well in a master/slave relationship, ApacheDS > claims more robust replication, etc... > > Granted I am working with the version bundled with CentOS, I do > understand that the latest OpenLDAP is wayyyyyyy betterrrr :)Since you are shopping, I wonder if you have looked at opends?
Les Mikesell wrote:> On 5/13/2011 2:05 PM, m.roth at 5-cent.us wrote:<snip IPA>>>>> mark "I'll drink to/with that!" >>> >>> See: http://freeipa.org/page/Main_Page >> >> *bleah*! >> >> I've got enough to deal with... like PIV-II card logins, here at work. >> >> mark "yeah, for the US gov't" > > Is it going to be used by default with matching client/server schemas soif you install your first server and add users you don't have to do anything special to have the same users on subsequent machines? Or is ClearOS the only thing sensible enough for that? Are you talking about IPA, Les? mark