If what you are looking for is a backend for your main ldap database then, as has been said previously, avoid sql by all means, not just the specific openldap implementation, all kind of sql backends. Relational databases can not match the requirements of the ldap protocol. It would be like trying to use GmailFS for general purpose filesystem.

If you need just an "ldap view" to an existing relational database then the right keyword for this is "Virtual Directory". The sql backend of Openldap could have been an opensource alternative but now this goes off the list. I am not aware of any other reliable opensource implementations there are few commercial though.


On Tue, Jan 6, 2015 at 11:00 PM, Nick Atzert <tlkg.me@gmail.com> wrote:

It's pretty messy and convoluted IMO. That's with a fairly pedestrian view of the project. Considering it's (apparently) unmaintained I'd assume it's the same for development. The biggest issue I've been having is mostly with understanding error logs when things break or deviate from a really basic config.. that may just be me though.

I hope I'm not coming of as accusatory toward the OpenLDAP/back-sql devs. I like OpenLDAP a lot.. you guys do a great job. I know this is a really bad way to go about storing the data and I've definitely voiced my objections on this issue. Sometimes you just have to CYA and do it anyway though. That's the unfortunate situation I find myself in at the moment.

In any case, thank you guys for taking a look even if you couldn't help. I do appreciate it.

On Jan 6, 2015 3:39 PM, "Nikos Voutsinas" <nvoutsin@gmail.com> wrote:
I am not sure if I should interpret this as "sql-backend is a second class citizen that shouldn't be used in production environments (i.e. think of virtual directories) because of its experimental stage" or take it as an overstatement been made on purpose mostly to discourage new users from considering an sql based engine for their main ldap database backend.

I hadn't had the chance to use sql backend in production or test it as much as I would like, thus it would be interesting to hear from others in the list, their practical experience of sql backend in read-only or read-write deployments.

On Tue, Jan 6, 2015 at 1:17 PM, Michael Ströder <michael@stroeder.com> wrote:
Nick Atzert wrote:
> I personally wouldn't move to a sql backend.. I've recommended against it.
> This is what the boss wants though so here we are. :-)

I'm pretty sure your boss don't want you to use components which are not
actively maintained anymore. back-sql is not maintained in the same way like
back-mdb. You have to expect that some features (e.g. overlays) you may want
to use later do not work the same way.

Ciao, Michael.