[Kolab-devel] Modifying the LDAP user representation for a distributed Kolab server system?

Gunnar Wrobel wrobel at pardus.de
Tue Aug 5 10:24:13 CEST 2008 

"Fabio Pietrosanti (naif)" <lists at infosecurity.ch> writes:

> Gunnar Wrobel wrote:
>> I'd like to know if people feel it makes sense to allow for such
>> splitted Kolab server setups. As far as I can see this would require
>> additional settings comparable to "kolabHomeserver" in the LDAP schema
>> for a Kolab user. There is already "kolabHomeMTA" in the schema but it
>> is currently unused.
>>   
> Great!
>
> In 2006 in installed a kolab infrastructure of more than 16 hosts and 
> was quite difficult to have all the different components separated.
>
> That's a great idea, it can make Kolab very useful for enterprise 
> deployments drammatically reducing the TCO of the infrastructure project 
> buildup and maintenance.
>
>
> Even if could be more difficult from a design point of view, it could be 
> even really cool to introduce the splitting of the data available inside 
> the ldap directory.
>
> For example keeping the passwords outside the slave ldap servers in 
> order to save the security of the system (avoid that a single server in 
> branch office, with a local compromise with offline data recovery 
> causing a strong data loss) could cause the failure of the security of 
> the whole identification infrastructure.
>
> A cool approach could be to use LDAP referral for the password field:
> http://www.openldap.org/doc/admin24/referrals.html
>
> What do you think about it?

Certainly useful. I guess you'd need to have a large amount of users
to make a splitted LDAP system necessary. I think distributing the
Kolab server would be the first level and splitting a distributed
system into different subnets would then be a second level.

Cheers,

Gunnar

>
> Regards
> Fabio
>
> _______________________________________________
> Kolab-devel mailing list
> Kolab-devel at kolab.org
> https://kolab.org/mailman/listinfo/kolab-devel

-- 
______ http://kdab.com _______________ http://kolab-konsortium.com _

p at rdus Kolab work is funded in part by KDAB and the Kolab Konsortium

____ http://www.pardus.de _________________ http://gunnarwrobel.de _
E-mail : p at rdus.de                                 Dr. Gunnar Wrobel
Tel.   : +49 700 6245 0000                          Bundesstrasse 29
Fax    : +49 721 1513 52322                          D-20146 Hamburg
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   >> Mail at ease - Rent a kolab groupware server at p at rdus <<                 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

More information about the devel mailing list