Kevin Elliott wrote:
Buchan,
Thank you very much for taking the time to iterate over some scenarios and include your suggestions. I resonate with most of what you have suggested, and I had a follow-up question to see if you recommend something different for our particular scenario.
We have a small ldap database, but have had several LDAP outages (mostly due to bdb corruptions that we've yet to diagnose why they're occurring, other than possibly because all the versions are several years old). This ends up taking out all of our unix, OSX, and Windows systems (we're running samba on ldap). Our slave ldap seems to be in a good state during these outages, but most of our systems do not have the ability for one reason or another, to communicate with the slave --- even if we were to point all the systems to it, we would not be able to write to it while the master ldap is down, which is a deal breaker for us! Changes need to occur, and we need to feel confident that the diffs will make it back into the master when it is revived.
What is your suggestion for our specific scenario?
What version of OpenLDAP are you running at the moment? the bdb corruptions are very concerning.