I had a requirement to build a centrally managed SSO system that replicated subordinate subtrees (kerberos, identities, roles, permissions, resources, dns, etc) to the respective sites and handle tens of thousands of concurrent requests per second. I determined that FreeIPA was unable to perform this mission due to 1) inflexible DIT, 2) inflexible management tooling, and 3) lack of scalability. So, I built a system to achieve those goals. And it really wasn't rocket science. Perhaps I will write a book about it and ask for competent reviewers from the OL community.
On Fri, Nov 17, 2017 at 4:21 PM, Michael Ströder michael@stroeder.com wrote:
MJ J wrote:
I know because I have built such a system (based on OpenLDAP) and deployed it internationally.
So what makes your system special, which goals does it reach and how?
Ciao, Michael.