[Kolab-devel] Sharing folders on users on different Servers (was: OpenLDAP replication issues: slurpd vs syncrepl)

Bernhard Reiter bernhard at intevation.de
Wed Feb 22 19:04:14 CET 2006

Hi Fabio,
thanks for your insights on Kolab design, it is quite valuable.

Unfortunately I do not see us in the phase to do major design step right now.
The Kolab solution is earning its first reputation in the market,
also the people doing the design are lacking a huge Kolab contract right now
(like Proko2).
So even on the point we would agree to redesign Kolab,
the question remain for a while: Who does the hard work?
It might be interesting to conserve some of the discussion on a Kolab Wiki 
page and list the pros and cons.

Am Montag, 13. Februar 2006 12:02 schrieb Fabio Pietrosanti:
> Martin Konold wrote:
> > Am Sonntag, 12. Februar 2006 12:33 schrieb Fabio Pietrosanti:

> I would like to take the opportunity to understand and discuss some
> kolab design aspects i don't understand and that i consider as a
> limitations for the projects in the route to enterprise markets.
> >> This would give many improvement:
> >> - security
> >>   With syncrepl is possible to specificy parameters for what have to be
> >> replicate and where.
> >
> > Currently Kolab needs all data anyway.
> Let's discuss why and how we should reduce/rationalize the data needed
> for kolab.

> >  e.g. for public folders access control all users arer required on all
> > servers.

Also for user folders that people from a different Kolab Server get access to.
Depending on how many folder from people on a different home server you get,
you would need to log into quite a number of Kolab Server.
When going over 10, this clearly is getting uncomfortable and the would stop 
working. However in reality, people tend to work in clusters, so the problem 
is less hard. 

With public folders, one idea to out of the trap would be to create a special 
Kolab Server that only takes public folders. This does not go too well with 
users folders as we are loosing the benefits of decentralised servers,
if we place them all on a central server for sharing.

> I'm wondering whether there could be some possible approach to reduce
> the ldap data between slave servers.
> It could be possible to introduce the concept of "ldap referral" for
> "non local users" or not to copy all the attributes but only the CN and
> needed data for public folders ACL managements?

Referals might help with the less needed data of the directory service,
but not with the email data within the folders.

If we knew which users would use which servers, we could reduce what is 
replicated a lot. Also I guess that the replication itself and the 
implementation of the directory server could be improved.
Martin is right in that replication master to slave only with the amount
of data in question should take a small amount of bandwidth and not pose


More information about the devel mailing list