Hi all,
Wondering if any of you have thoughts/experiences with ApacheDS?
We've all had trials and tribulations regarding OpenLDAP and while its basically working pretty well in a master/slave relationship, ApacheDS claims more robust replication, etc...
Granted I am working with the version bundled with CentOS, I do understand that the latest OpenLDAP is wayyyyyyy betterrrr :)
- Aurf
On 05/12/11 1:07 PM, aurfalien@gmail.com wrote:
Hi all,
Wondering if any of you have thoughts/experiences with ApacheDS?
We've all had trials and tribulations regarding OpenLDAP and while its basically working pretty well in a master/slave relationship, ApacheDS claims more robust replication, etc...
Granted I am working with the version bundled with CentOS, I do understand that the latest OpenLDAP is wayyyyyyy betterrrr :)
what about the CentOS DS based on Redhat DS ?
http://wiki.centos.org/HowTos/DirectoryServerSetup http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/index.html
or, 389, formerly Fedora DS, http://directory.fedoraproject.org/
afaik, 389 and RedhatDS are closely related, these are all descendents of the Netscape Directory Server
Wondering if any of you have thoughts/experiences with ApacheDS?
Since we develop mostly Java application we use it for development and testing: developers don't have to install an OS dependent LDAP implementation (especially the poor souls working on Windows).
In production we use openldap from CentOS (5.6).
As far as authentication / role management goes we have never noticed any significant difference between testing and production. (except for a few attributes where null/empty values are accepted by one but not the other). But we are definitely not pushing them to the limit in our deployments.
Please note that we are still on ApacheDS 1.0 since we put this in place a while ago and never felt the need to upgrade it for our development / testing needs.
I'd be interested in your analysis and final choice if you test it for production deployments. This is something that I'm considering as well, because of our Java focus.
A bit OT with regard to the OP question: this is the occasion to signal that Apache Directory Studio (http://directory.apache.org/studio/), a sister project, is an excellent and powerful LDAP client. It works well in order to access CentOS openldap servers (and obviously ApacheDS as well), and runs well on a CentOS desktop (with the default OpenJDK).
On Friday, May 13, 2011 04:07 AM, aurfalien@gmail.com wrote:
Hi all,
Wondering if any of you have thoughts/experiences with ApacheDS?
We've all had trials and tribulations regarding OpenLDAP and while its basically working pretty well in a master/slave relationship, ApacheDS claims more robust replication, etc...
Granted I am working with the version bundled with CentOS, I do understand that the latest OpenLDAP is wayyyyyyy betterrrr :)
Since you are shopping, I wonder if you have looked at opends?
On May 12, 2011, at 6:08 PM, Christopher Chan wrote:
On Friday, May 13, 2011 04:07 AM, aurfalien@gmail.com wrote:
Hi all,
Wondering if any of you have thoughts/experiences with ApacheDS?
We've all had trials and tribulations regarding OpenLDAP and while its basically working pretty well in a master/slave relationship, ApacheDS claims more robust replication, etc...
Granted I am working with the version bundled with CentOS, I do understand that the latest OpenLDAP is wayyyyyyy betterrrr :)
Since you are shopping, I wonder if you have looked at opends?
No, but after reading your post I checked it.
Looks cool, Java based which seems the in thing, I like it.
But, and not to sound lamerz; the Sun sponsor turned me off.
At this stage in my career and life. I look at these feeble attempts by large virus like organizations to say "hey look world, we encourage free and open... " like Microsoft making a big deal about donating $100K to the Apache Foundation.
- aurf
On 5/13/2011 12:28 PM, aurfalien@gmail.com wrote:
No, but after reading your post I checked it.
Looks cool, Java based which seems the in thing, I like it.
But, and not to sound lamerz; the Sun sponsor turned me off.
Sun or the fact that they are gone now? And where are you seeing this?
At this stage in my career and life. I look at these feeble attempts by large virus like organizations to say "hey look world, we encourage free and open... " like Microsoft making a big deal about donating $100K to the Apache Foundation.
I don't understand. Sun contributed more lines of code to open source than any other single entity. We wouldn't have NFS, java, OpenOffice, zfs, or a bunch of other stuff without them and the fact that the code is still open and available after the company's demise and Oracle's mishandling of most of it shows there was nothing feeble about it.
On May 13, 2011, at 11:22 AM, Les Mikesell wrote:
On 5/13/2011 12:28 PM, aurfalien@gmail.com wrote:
No, but after reading your post I checked it.
Looks cool, Java based which seems the in thing, I like it.
But, and not to sound lamerz; the Sun sponsor turned me off.
Sun or the fact that they are gone now? And where are you seeing this?
Dude I know Sun is now Oracle. No need to lecture.
I don't understand. Sun contributed more lines of code to open source than any other single entity.
Sure, back in the day, but all companies when getting to a certain size start to suk.
Sun suked b4 Oracle bought them. if they were still the great company of old, they would not have been a buy out target for Oracle.
- aurf
On May 13, 2011, at 11:32 AM, aurfalien@gmail.com wrote:
Forget all of this Sun/Oracle debate. It's not meaningful any more.
Free IPA will be included in RHEL 6.1 and fully supported by Red Hat with the RHEL 6.2 release and it seems obvious that if you aren't already entrenched in a DS server, this would be the way to go now.
Craig White wrote:
On May 13, 2011, at 11:32 AM, aurfalien@gmail.com wrote:
Forget all of this Sun/Oracle debate. It's not meaningful any more.
Free IPA will be included in RHEL 6.1 and fully supported by Red Hat with the RHEL 6.2 release and it seems obvious that if you aren't already entrenched in a DS server, this would be the way to go now.
Free IPA? India Pale Ale?
mark "I'll drink to/with that!"
On 05/13/2011 07:41 PM, m.roth@5-cent.us wrote:
Free IPA? India Pale Ale?
mark "I'll drink to/with that!"
See: http://freeipa.org/page/Main_Page
Athmane Madjoudj wrote:
On 05/13/2011 07:41 PM, m.roth@5-cent.us wrote:
Free IPA? India Pale Ale?
mark "I'll drink to/with that!"
*bleah*!
I've got enough to deal with... like PIV-II card logins, here at work.
mark "yeah, for the US gov't"
On 5/13/2011 2:05 PM, m.roth@5-cent.us wrote:
mark "I'll drink to/with that!"*bleah*!
I've got enough to deal with... like PIV-II card logins, here at work.
mark "yeah, for the US gov't"
Is it going to be used by default with matching client/server schemas so if you install your first server and add users you don't have to do anything special to have the same users on subsequent machines? Or is ClearOS the only thing sensible enough for that?
On May 13, 2011, at 11:41 AM, m.roth@5-cent.us wrote:
Craig White wrote:
On May 13, 2011, at 11:32 AM, aurfalien@gmail.com wrote:
Forget all of this Sun/Oracle debate. It's not meaningful any more.
Free IPA will be included in RHEL 6.1 and fully supported by Red Hat with the RHEL 6.2 release and it seems obvious that if you aren't already entrenched in a DS server, this would be the way to go now.
Free IPA? India Pale Ale?
mark "I'll drink to/with that!"
Haaaaa, I like it!
- aurf
On 05/13/11 11:39 AM, Craig White wrote:
Free IPA will be included in RHEL 6.1 and fully supported by Red Hat with the RHEL 6.2 release and it seems obvious that if you aren't already entrenched in a DS server, this would be the way to go now.
and FreeIPA is the 389 fka FedoraDS bundled with Kerberos and some other stuff, no?
On May 13, 2011, at 1:29 PM, John R Pierce wrote:
On 05/13/11 11:39 AM, Craig White wrote:
Free IPA will be included in RHEL 6.1 and fully supported by Red Hat with the RHEL 6.2 release and it seems obvious that if you aren't already entrenched in a DS server, this would be the way to go now.
and FreeIPA is the 389 fka FedoraDS bundled with Kerberos and some other stuff, no?
---- yes
Craig
On Saturday, May 14, 2011 01:28 AM, aurfalien@gmail.com wrote:
On May 12, 2011, at 6:08 PM, Christopher Chan wrote:
On Friday, May 13, 2011 04:07 AM, aurfalien@gmail.com wrote:
Hi all,
Wondering if any of you have thoughts/experiences with ApacheDS?
We've all had trials and tribulations regarding OpenLDAP and while its basically working pretty well in a master/slave relationship, ApacheDS claims more robust replication, etc...
Granted I am working with the version bundled with CentOS, I do understand that the latest OpenLDAP is wayyyyyyy betterrrr :)
Since you are shopping, I wonder if you have looked at opends?
No, but after reading your post I checked it.
Looks cool, Java based which seems the in thing, I like it.
But, and not to sound lamerz; the Sun sponsor turned me off.
At this stage in my career and life. I look at these feeble attempts by large virus like organizations to say "hey look world, we encourage free and open... " like Microsoft making a big deal about donating $100K to the Apache Foundation.
/me shrugs
opends branched away from Sun DS a long time ago and I doubt very much that it is still 'Sun sponsored'. More like the developers have not bother to update the site.
I use it for my winbind backend and its management was way more easier than trying to figure out openldap. Of course, I will probably be using Samba's DS with samba4 in future.
-
Athmane Madjoudj -
aurfalien@gmail.com -
Christopher Chan -
Craig White -
John R Pierce -
Les Mikesell -
m.roth@5-cent.us -
Mathieu Baudier