5:06 p.m.
Hi Quanah,
On Tue, Sep 17, 2013 at 12:21 PM, Quanah Gibson-Mount <quanah(a)zimbra.com>wrote:
It is always interesting to me when someone emails the technical
list,
asking for guidance from people who know the most about the software, and
then ignore it.
I know what you mean, I've suffered that myself :) but there's a valid
reason for trying to ignore your suggestion (that I explained in a previous
message).
The Debian build of OpenLDAP is old, links to a potentially insecure
SSL
implementation, and has a variety of known bugs present in it that are
known to affect replication, particularly multi-master. Understand that by
continuing to use the Debian package, you are essentially setting yourself
up for failure when looking at using Multi-Master Replication.
Would you mind to provide me more details about the bugs and potential
problems of using Debian packages? I'm not putting your statements in
doubt, I just need to have solid and documented arguments to convince my
boss that this extra work is really needed.
Thanks in advance for your help!
5:44 p.m.
New subject: Multi-master setup in debian
--On Tuesday, September 17, 2013 09:06:24 PM -0300 Listas de Correo
<toshiro.listas(a)gmail.com> wrote:
> The Debian build of OpenLDAP is old, links to a potentially
insecure SSL
> implementation, and has a variety of known bugs present in it that are
> known to affect replication, particularly multi-master. Understand that by
> continuing to use the Debian package, you are essentially setting yourself
> up for failure when looking at using Multi-Master Replication.
>
Would you mind to provide me more details about the bugs and potential
problems of using Debian packages? I'm not putting your statements in
doubt, I just need to have solid and documented arguments to convince my
boss that this extra work is really needed.
Thanks in advance for your help!
Seems like the changelog is a good place to start:
http://www.openldap.org/software/release/changes.html
You might find "Why is using the OpenLDAP server from a Linux
distribution not recommended?" interesting reading at:
http://www.openldap.org/faq/data/cache/1456.html
Bill
--
Bill MacAllister
Infrastructure Delivery Group, Stanford University
5:49 p.m.
New subject: Multi-master setup in debian
--On Tuesday, September 17, 2013 9:06 PM -0300 Listas de Correo
<toshiro.listas(a)gmail.com> wrote:
Would you mind to provide me more details about the bugs and
potential
problems of using Debian packages? I'm not putting your statements in
doubt, I just need to have solid and documented arguments to convince my
boss that this extra work is really needed.
Read the release notes for OpenLDAP:
<http://www.openldap.org/software/release/changes.html>
The FAQ from the Debian OpenLDAP package maintainers:
<http://www.openldap.org/faq/data/cache/1456.html>
The use of GnuTLS (What Debian links to instead of OpenSSL) is harmful:
<http://www.openldap.org/lists/openldap-devel/200802/msg00072.html>
--Quanah
--
Quanah Gibson-Mount
Lead Engineer
Zimbra Software, LLC
--------------------
Zimbra :: the leader in open source messaging and collaboration
3725
days inactive
3725
days old
openldap-technical@openldap.org
2 comments
3 participants
participants (3)
-
Bill MacAllister -
Listas de Correo -
Quanah Gibson-Mount