[SATLUG] Active directory vs Linux
Justizin
justizin at siggraph.org
Fri Dec 22 13:34:22 CST 2006
On 12/22/06, Thomas Cameron <thomas.cameron at camerontech.com> wrote:
> On Wed, 2006-12-20 at 18:07 -0800, samuel detal wrote:
> > How can I create a network in a active directory alike structure?? is it possible or in this aspect Windows is better than Linux....
>
> Not exactly AD, but you can use Fedora Directory Server, which is a
> newer (and MUCH better) release of the Netscape Directory Server.
>
> http://directory.fedora.redhat.com/
OpenLDAP also shares a history with FDS - the main point of difference
between these two is a theoretical debate over the nature of
multi-master replication. The developers of OpenLDAP, for some pretty
sound reasons, depending on your implementation, maintain that
multi-master replication can destroy the reliability of an LDAP store.
For instance, let's say you have some websites connected to your LDAP,
and one allows people to update their mail address, while others send
mail, say order status, based on this value.
With Multi-Master replication, it's possible for the second site to
fail to pick up the change from the first site, whereas with single
master replication, while having less attractive failover potential,
if there were a directory problem, it would be clearer because the
e-mail would refuse to save.
Again, this is something where you'll have to make choices. I'm
betting Google uses Multi-Master replication based on their
master-less network topology.
> If you need a commercially supported version of this product, see Red
> Hat Directory Server at http://www.redhat.com/software/rha/directory/
Yes and what's fun is even if you have a license for umpteen RHEL
machines, you have to purchase a separate support contract for
FDS/RHDS, afaik. Even if you don't care about money, this can really
slow your project down.
I've decided to bypass caring about the difference in replication for
time being, at ACM, by pointing our OpenLDAP at an Oracle 10g storage,
though I'm not entirely excited about it. BDB has major deadlock
issues which arise in svn and I'd prefer never to see that happen to
my directory.
--
Justizin, Independent Interactivity Architect
ACM SIGGRAPH SysMgr, Reporter
http://www.siggraph.org/
More information about the SATLUG
mailing list