Hey folks,
In order to provide stability to my OpenLDAP clients in the event of a network outage, I would like to implement some client-side caching. I've done some research, and have concluded that nscd is evil and should be avoided at all costs, and thus eventually settled on using back-ldap as a proxy and caching mechanism on the clients. Ideally, clients would query a local cache first, and if the information was not available, back-ldap would then forward the connection on to my root OpenLDAP server(s). However, I didn't see much information in the admin guide with respect to such configurations other than a reference to the back-ldap man page, and given that I've got no real experience with setting up back-ldap, I was wondering if somebody who did/does would have some recommendations or advice, or would know of a good documentation source describing this sort of setup?
The other question I have is that it seems most people use back-ldap with a slapd.conf-style configuration, versus a cn=config type of setup. In this sort of circumstance, where one is not configuring a full-on OpenLDAP server/replica, that seems like it might be a good thing in the interest of keeping the client configurations simple. Nonetheless, I wanted to verify that it was the recommended way, since slapd.conf (in the context of a fully fleshed-out OpenLDAP server) is deprecated.
Thanks as always for insights, advice, and criticisms.
Respectfully, Ryan