Enter LDAP

I started playing with OpenLDAP for some reason. Well, I wanted to build a multi-master replication for a customer of mine who wants to replicate their primary datastore to a second LDAP server. I really used this as a chance to re-familiarize myself with the 2.4 version of OpenLDAP. The entire replication thing has changed from the reasonably simple slurpd thing to something called syncrepl. Syncrepl is pretty simple as long as you get the “stanzas” right in the slapd.conf or cn=config. I am using CentOS 5.4 final for this work because the customer is using RHEL5 update 4.

What I’ve learned thus far is that anyone can really do this replication thing if you read carefully enough and get the basics built. I can now create users on one server and have them replicated to the second in real time. Simple! Now I have to roll out my changes to a production environment I have built.

I did all this testing in VMware ESXi 5.0 after creating my two CentOS guests. I tried using Oracle VM but it’s too much! I need to have an Oracle Linux box running a 64-bit version of their Linux to even use it effectively. There is no Windows client. That just adds yet another system that I must run over and above the hypervisor. I don’t really care for Oracle’s commitment to open source either. At least with Sun, I kinda got their “namby-pamby” open source commitment down. I don’t get Oracle at all. Anyways, the amount of time to build the Oracle Linux box, install the Oracle VM Manager, and install the Oracle VM server was about twice as much as installing the standalone ESXi 5. I was being productive within 2 hours on ESXi. With the Oracle VM thing, I was still wondering how I should install the VM Manager, whether it would use the disk drives in the system, etc. The Oracle VM Manager has no counterpart for Debian or non-Oracle systems. No way to manage the VM server unless I also opt to run the 64-bit version of Oracle Linux. This is a no-pass and complete fail of a solution basically and it takes too long to get productive.

I can see why it’s rated as a distant fourth by enterprise users. ESXi 5.0 is ready to be used and I can install it on a little flash drive, which makes it very portable. Then I am off and running with the guests. I mean, that’s the goal, right? To get productive whether I use Windows or Linux as a manager? I don’t like Red Hat Linux so I probably would not like Oracle Linux either since they seem to have just taken it much like CentOS or something.

Now my two guests are running OpenLDAP 2.4.11 and I can sync between them by creating an LDIF file, seeding it with the user, and then running the tool to import the user.

I’ll publish a bit more next time on what a rank nooby needs to know and do to be effective at using OpenLDAP. It ain’t rocket science but you can easily get things wrong.