[OpenAFS-devel] Apache Directory Server as the Kerberos realm, oh, and more.....

Derrick Brashear shadow@penn.central.org
Tue, 31 Mar 2009 08:37:37 -0400 

--000e0cd6ae30caca1804666976d8
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

On Tue, Mar 31, 2009 at 1:38 AM, Felix Frank <Felix.Frank@desy.de> wrote:

> On Thu, 26 Feb 2009, Jim Doyle wrote:
>
>  The question begs.... Could you simply do away with the PTSERVER and VLDB
>> and put these databases in LDAP ?  C-API LDAP client code with kerberos 5
>> support has long been there - so this is an "attainable" idea.
>>
>
> I just recently had a brief chat with someone who tried something similar
> (implement a ptserver that is fed directly from LDAP).
> His statement was that he ran into a dead end - performance was simply not
> good
> enough and AFS operations apparently rely on extremely low ptserver
> latency.
>

Anyone who's asked about such a thing I've beaten that point into them. It
*is* doable, but you have to optimize (a few of ptserver's operations at
least) for speed, or you're going to be sad.

--000e0cd6ae30caca1804666976d8
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<br><br><div class=3D"gmail_quote">On Tue, Mar 31, 2009 at 1:38 AM, Felix F=
rank <span dir=3D"ltr">&lt;<a href=3D"mailto:Felix.Frank@desy.de">Felix.Fra=
nk@desy.de</a>&gt;</span> wrote:<br><blockquote class=3D"gmail_quote" style=
=3D"border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; p=
adding-left: 1ex;">
<div class=3D"im">On Thu, 26 Feb 2009, Jim Doyle wrote:<br>
<br>
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
The question begs.... Could you simply do away with the PTSERVER and VLDB a=
nd put these databases in LDAP ? =A0C-API LDAP client code with kerberos 5 =
support has long been there - so this is an &quot;attainable&quot; idea.<br=
>

</blockquote>
<br></div>
I just recently had a brief chat with someone who tried something similar<b=
r>
(implement a ptserver that is fed directly from LDAP).<br>
His statement was that he ran into a dead end - performance was simply not =
good<br>
enough and AFS operations apparently rely on extremely low ptserver latency=
.<br>
</blockquote><div><br>Anyone who&#39;s asked about such a thing I&#39;ve be=
aten that point into them. It *is* doable, but you have to optimize (a few =
of ptserver&#39;s operations at least) for speed, or you&#39;re going to be=
 sad.<br>
<br>=A0</div></div><br>

--000e0cd6ae30caca1804666976d8--