We have run openldap for some years, and it runs very well, but it's a fair
comment for openldap to include a simple installation script, to get a
server installed for the new B. That would encourage evaluation and
adoption.
OpenDJ has one, it asks for base, port, hostname, if ssl is required, etc.,
and optionally includes a bunch of randomly generated data for testing or
proof of concept type applications. If ssl is requested, it just generates
a self signed certificate and installs it. Some people have pretty
straightforward ldap requirements.
People who do this sort of birds eye or top down review, aren't going to
spend more than an hour or two, even if they try, which it seems this one
didn't. This article seems to me to be no more than a re-hash of other
people's experiences with openldap, and they did not install themselves.
But the ideas re-hashed
I can download a copy of OpenDJ, run the setup script and at the end of the
install the server is running and configured. It has a dynamic
configuration backend, but it has a command line interface for day to day
usage. And the config.ldif can be hand edited if you do something
unexpected like sexy up the listening port, which stops the server from
starting.
I don't mean to make this a sales spiel, but my point is, there should be
some notion of new B friendliness. Also i know plenty of busy computer
operators who look after many different bit of software, and are not
interested in the details of the server, they want to start / stop,
diagnose problems, and move on to something else. Time is an issue.
I don't think as much of the idea of a configuration tui/gui for openldap
though, as you'd always be tweaking the interface to batch the config
backend. But i think a optimal solution of a dynamic config backend is to
go in this ease of maintenance direction, otherwise you are just
sweeping the rats under the rug.
I dont see how the RHEL package issues can be fixed, other than :
#!/bin/sh
echo "This package is too old, download xxxx and run the auto-build-rhel.sh
script!"
There is no such script, AFAIK but it would be nice. Install required
packages & libraries, warn about library conflicts, etc.,
Cheers
Brett
On Fri, Jan 31, 2014 at 2:35 AM, Howard Chu <hyc(a)symas.com> wrote:
Gavin Henry wrote:
>
http://searchdatacenter.techtarget.com/feature/IT-pros-suffer-OpenLDAP-
> configuration-headaches
>
> Any one been in touch with them?
>
I saw some of this on twitter before, ignored it since none of the parties
involved have any clue what they're talking about.
--
-- Howard Chu
CTO, Symas Corp.
http://www.symas.com
Director, Highland Sun
http://highlandsun.com/hyc/
Chief Architect, OpenLDAP
http://www.openldap.org/project/
--
Whenever you find yourself on the side of the majority, it is time to pause
and reflect.
- Mark Twain