OpenLDAP: "Brains not included."
On Jan 30, 2014 3:45 PM, "Borresen, John - 0442 - MITLL" <
Sorry, I didn't read the original mailing list...I too wanted to
the board and not you individually. My apologies.
From: Borresen, John - 0442 - MITLL
Sent: Thursday, January 30, 2014 1:16 PM
To: 'Turbo Fredriksson'; Howard Chu
Subject: RE: Have you seen this FUD - IT pros suffer OpenLDAP
configuration headaches ?
I have experience with OpenLDAP, 389-Directory-Server, OpenDJ, OpenDS,
RedHat's Directory Studio. I am not an LDAP expert by any means (as can be
seen by my help posts -- that was supposed to be funny). While I get
aggravated by the difficulty in installing OpenLDAP, the miniscule
documentation, and the differing, and often conflicting, documents found
via a google search I always recommend OpenLDAP over the other products.
The OpenLDAP Admin Guide, for a product that has been out for a very long
time, as far as a how-to-guide, is lacking a lot and seems incomplete --
many areas are simply blank. The bouncing back and forth between the
slapd.conf (old) and the slapd.d (new) methodologies is very aggravating
and not helpful (to me).
I understand that there is not just one way to install OpenLDAP...the
options are pretty mind-boggling -- and can't all be put in an Admin Guide,
the manual as more than a dictionary could be so much more. With this test
environment I've been building over that 2 or 3 months, it's been broken
down and restarted, from scratch, at least once a month. The original
environment (the current production) took me about a year to get up and
We use the Apache Directory Studio as a front-end GUI to view the dbase,
mostly. Most modifications are via the CLI tools.
Don't get me wrong, even for my "bashing" of OpenLDAP above, it is the
first one that I would recommend. I look at the bright side...each time
the slate has to be cleaned and restarted the more I learn.
From: openldap-technical-bounces(a)OpenLDAP.org [mailto:
openldap-technical-bounces(a)OpenLDAP.org] On Behalf Of Turbo Fredriksson
Sent: Thursday, January 30, 2014 11:53 AM
To: Howard Chu
Subject: Re: Have you seen this FUD - IT pros suffer OpenLDAP
configuration headaches ?
On Jan 30, 2014, at 5:35 PM, Howard Chu wrote:
> I saw some of this on twitter before, ignored it since none of the
parties involved have any clue what they're talking about.
Personally, I think it's spot on. It IS hard to configure an LDAP server,
and even harder to understand how it works (the object based part). Took me
three months first time, and I'm not an idiot.
Even today, I need to consult either my own book or the howto (or
seriously skim through the man pages) to setup a new server.
And even worse if when you want to optimize the backend... There's a lot
of magic there....
And with the new config backend!? I haven't even had the time or energy to
go that far yet!
I love deadlines. I love the whooshing noise they make as they go by.
- Douglas Adams