Posted by: Anonymous Coward
on December 16, 2004 11:30 PM
Backhoes are a potential problem for all WANs. The problem is not specific to Linux or Active Directory.
There are two ways to overcome the potential problem of a downed WAN link preventing user logons. One alternative is redundant WAN links that follow diverse paths. This solution can be both difficult and prohibitively expensive for smaller remote sites.
The other solution is to place an LDAP server at the remote site. This would not only reduce the risk cause by a WAN outage but, it would also reduce the WAN traffic for authentication which, depending on the speed of the WAN, can be a major issue.
It would be very difficult to have OpenLDAP replicate Active Directory, if even possible. The best solution in an Active Directory environment is to place another Active Directory Domain Controller at the remote site.
With eDirectory, this is an easier alternative as eDirectory is available for free and runs on Linux as well as Windows and Netware. The cost would only be for hardware whereas, the Active Directory solution would require a Windows Server license as well as the hardware.
If your environment is OpenLDAP, then the above scenario is no different. Simply place another OpenLDAP server at the remote site and use replication. Again, the cost would only be for the hardware.
If you are just starting to use a directory in a Linux environment, eDirectory is definitely the way to go. It is both free and extremely powerful. So is OpenLDAP. But, eDirectory blows OpenLDAP away when it comes to replication, partitioning and especially management tools. eDirectory is years ahead of any other directory.
Learn about Linux
Download Linux
Get Linux help
Re:Death by Backhoe!
Posted by: Anonymous Coward on December 16, 2004 11:30 PMThere are two ways to overcome the potential problem of a downed WAN link preventing user logons. One alternative is redundant WAN links that follow diverse paths. This solution can be both difficult and prohibitively expensive for smaller remote sites.
The other solution is to place an LDAP server at the remote site. This would not only reduce the risk cause by a WAN outage but, it would also reduce the WAN traffic for authentication which, depending on the speed of the WAN, can be a major issue.
It would be very difficult to have OpenLDAP replicate Active Directory, if even possible. The best solution in an Active Directory environment is to place another Active Directory Domain Controller at the remote site.
With eDirectory, this is an easier alternative as eDirectory is available for free and runs on Linux as well as Windows and Netware. The cost would only be for hardware whereas, the Active Directory solution would require a Windows Server license as well as the hardware.
If your environment is OpenLDAP, then the above scenario is no different. Simply place another OpenLDAP server at the remote site and use replication. Again, the cost would only be for the hardware.
If you are just starting to use a directory in a Linux environment, eDirectory is definitely the way to go. It is both free and extremely powerful. So is OpenLDAP. But, eDirectory blows OpenLDAP away when it comes to replication, partitioning and especially management tools. eDirectory is years ahead of any other directory.
#