Non-STOP PKI, Non-STOP LDAP and other security issues

Alan Robertson alanr at suse.com
Sun Apr 2 21:44:52 MDT 2000


Dominique Chabord wrote:
> 
> Hello,
> 
> my question was not aimed at confusing anyone.
> 
> Thank you for your precise answers. Important words were not non-STOP, nor
> SCSI.If you are sued by Compaq lawyers, you can denounce me. Sorry if this
> misled anyone. and I'm not either pushing SCSI against any distributed
> solution of any kind.
> 
> Alan:
> I got an answer from Derek about LDAP servers synchronization. I understand
> from Derek that LDAP usually integrates its replication mechanisms and
> doesn't need to swap disks. Therefore it doesn't need drbd nor journalized
> file system. Do you mean it does need them ? Does it depend on the product
> we use or is it part of LDAP standard ? From other sources, I thought LDAP
> could even be parallelised, avoiding failover mechanism as heartbeat. Is
> this mode recommended in secured environments when secret keys are written
> in LDAP directory ?

I'm pretty much an LDAP-ignoramus.  However, if you have a copy of the
data through a drbd mirror, then most databases can deal with it without
using external synchronization methods.  However, I have heard that LDAP
has it's own synchronization methods, and they are probably easier to
configure, and perhaps lower-bandwidth.

Certainly you can't do load sharing when using the drbd approach.

	-- Alan Robertson
	   alanr at suse.com



More information about the Linux-HA mailing list