Replicated LDAP as backend
Paul B. Henson
henson at acm.org
Tue Jul 29 16:41:58 EDT 2014
> From: Brandon Allbery
> Sent: Friday, July 25, 2014 6:41 AM
>
> Multi-master replication works fine, and is arguably the only sensible
> reason to use the LDAP backend in the first place --- it's slower and
> more painful to manage compared to the standard backend.
We've been running multi master on top of openldap for a few years now, and
it works great. We have kadmin behind a hardware load balancer, which
automatically transitions clients to one of the secondary servers if the
master fails.
More information about the Kerberos
mailing list