[CentOS] Using CentOS 5 as server; best way to setup NFSv4?

Chris Brentano chris.brentano at jivesoftware.com
Sat Aug 2 03:20:10 UTC 2008 

I would second OpenLDAP, having used it in production at two different  
employers. It's always been stable and reliable. If you're restarting  
slapd every 15 minutes I'd take a good hard look at the problem versus  
just migrating away from it.

On that note, we recently migrated to Active Directory from OpenLDAP,  
primarily because we migrated from Zimbra 4.5 to Exchange (and  
Exchange requires AD). It wasn't without much kicking and screaming,  
but in the end it was the best move for our users. The tricky part was  
switching Linux systems which had been authenticating reliably and  
smoothly to OpenLDAP to using Winbind instead (primarily because of AD  
group support). Even though it largely works, I would say that in a  
large production environment I prefer OpenLDAP for centralized  
authentication over AD, especially since we're a predominately Linux/ 
UNIX environment.

- Chris


On 1 Aug, 2008, at 5:47 PM, Craig White wrote:

> On Fri, 2008-08-01 at 17:33 -0700, nate wrote:
>
>> I personally don't like LDAP(after having used it for many years  
>> now).
>> I do use it at home, though only two of the 6 systems I have are
>> actually using it(I also use it for mail routing but that is a
>> legacy thing I setup 7 years ago that I haven't gotten around to
>> migrating off of). I'm in the slow process of migrating my company's
>> systems off of LDAP, they are using it for authentication and it's
>> horribly unreliable and I hate that single point of failure and
>> the complexity of setting it up and maintaining it. They have a
>> cron script that restarts the LDAP services every 15 minutes and
>> they restart nscd on all of the servers every hour. And still even
>> I get complaints on occasion about not being able to login and I
>> have to go restart nscd again or at least invalidate the nscd
>> passwd cache (nscd -i passwd).
> ----
> LDAP is as stable as anything I've ever used but I have to admit  
> that I
> don't use nscd anywhere because I would suspect, that is what is  
> killing
> you. I stopped using nscd when I went to LDAP for that reason.
>
> It's not uncommon for my primary LDAP servers to have uptimes of  
> over 9
> months and never restarting though Red Hat made a curious choice of
> using sleepy-cat 4.3 on RHEL 5 which is totally not recommended by
> OpenLDAP developers. http://www.openldap.org/faq/data/cache/44.html
>
> I suppose if you wanted to have a stable LDAP, you would investigate
> with the developers of OpenLDAP.
>
> Craig
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

More information about the CentOS mailing list