Fedora Directory Server not...

The Suretec Blog

Calendar

Back October '08 Forward
Mon Tue Wed Thu Fri Sat Sun
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    

Tag Cloud

Quicksearch

Archives

October 2008
September 2008
August 2008
Recent...
Older...
ACCU: professionalism in programming
View our Directors profile on LinkedIn

Powered by

Serendipity PHP Weblog

Fedora Directory Server not good enough for Red Hat?

Sunday, February 17. 2008

Open Source
It's been an interesting week to say the least. First we see some very good discussion in the Symas My Old Flame post, then we discover Fedora Directory Server is less stable/desirable as a back end for Red Hat.

Let's put this into context, first Red Hat attack OpenLDAP, but yet they won't eat their own dog food:

We had been basing our application on fedora-ds, during the last year
we've seen great changes in this application and how its packaged. This has
made it less stable/desirable as a back end. All signs point to using
postgres on the back end as being both the easier choice and the more
reliable choice based on what we've seen.


Red Hat do a lot of great things, but why don't they do what they preach and collaborate with a proper LDAP[?] Project and get real value out of that work and not waste time and money on a dead end project.

Suretec®
Posted by Suretec in Open Source at 20:30 | Comments (14) | Trackbacks (0)
Defined tags for this entry: , , , , , , , ,
Related entries by tags:
OpenLDAP 2.4.12 Released
"When you *can* do something useful, you *should*"
Asterisk 1.6.0 is the first official release of Asterisk 1.6
OpenLDAP for Fortune 20 Enterprises
Suretec partners Symas release a MySQL Cluster back-end for OpenLDAP

Trackbacks
Trackback specific URI for this entry

No Trackbacks

Comments
Display comments as (Linear | Threaded)

*narrow minded fud. I'm the guy thats working with all that and, as it turns out, I got quoted here.

First of all, Red Hat != Fedora. It's a unique relationship I'll admit but Fedora's decision not to go with their DS server had nothing to do with Red Hat.

Second, We didn't go from Fedora-DS to Open LDAP. We went back to a relational database as LDAP was ill equipped to deal with the schema we had in mind. It just wasn't the right tool for the job.

The fact of the matter is when I got in to Fedora-DS I knew very little about LDAP but wanted an easy way for 3rd parties to plug in to our new account system. Over the last year OpenID took off and that need became less and less.

Picking Fedora-DS as my first exposure to LDAP was a very valuable experience and I'd do it again in a heartbeat. It's a great tool and the developers were always quick to help answer questions, something I can't say for all OSS projects out there.

At the end of the day LDAP was the problem, not Fedora-DS and anyone who says otherwise is misinformed.
#1 Mike McGrath (Homepage) on 2008-02-19 18:08 (Reply)
*I agree with Mike. I see nothing in his email implying that Fedora DS is a failure, simply that LDAP in general didn't solve what he needed doing.

Now of course, OpenLDAP does have extensions which would allow him to do what he wanted, but they aren't a standardized part of LDAP.
#1.1 Quanah on 2008-02-19 19:48 (Reply)
*True about Red Hat != to Fedora. It's just that the @redhat.com e-mail address confuses sometimes....

This post doesn't state anything about Fedora DS migration to OpenLDAP?

It also doesn't comment on whether LDAP is/was the right tool for the job, but merely states the Fedora DS, according to your experiences has stability issues.

Lastly, it is true that LDAP probably wasn't the right fit, as things like ACLs and Dynamic Groups are not standards track LDAP.
#1.2 Gavin Henry (Homepage) on 2008-02-19 19:56 (Reply)
*With regards to the link above "Red Hat attack OpenLDAP" - http://richmegginson.livejournal.com/7938.html - the posting in my blog.

I never attacked OpenLDAP. You either completely misunderstood my post, or you are deliberately attempting to mislead readers of your blog. All I said was that there is a lot of negativity in the OpenLDAP community towards Netscape, Red Hat, and Fedora Directory Server, much of it misinformed or deliberately misleading - such as your blog posting above? - which makes your blog posting a rich source of irony.

I go out of my way not to attack OpenLDAP. The real enemies are large, proprietary software companies.
#2 Rich Megginson (Homepage) on 2008-02-19 18:45 (Reply)
*The post isn't deliberately misleading, as I said before it states that Fedora DS has stability issues according to Mike McGrath's experiences.

As for your blog post, it's left for the reader to interpret it.

I agree completely agree with your last comments.
#2.1 Gavin Henry (Homepage) on 2008-02-19 20:11 (Reply)
*Ahh, I see the confusion there. So to clarify for those not familiar. I was using Fedora-ds (not Red Hat Directory Server)

The stability issues I refer to are packaging based. I helped test fedora-ds as it got accepted into Fedora (its quite a process to try to get a package through review into a package)

After it got accepted there were still bugs to work out on where things should go, what should be called what. Not in the actual code itself.

For the record, I never had Fedora Directory Server crash on me or lose any data or anything. It always did well except for some upgrades between packages.

Gavin, if you continue to quote me out of context (which has been cleared up now I hope) I'll give you plenty to quote about my OpenLDAP experiences when I worked at Orbitz.
#2.1.1 Mike McGrath (Homepage) on 2008-02-19 20:22 (Reply)
*OK, I guess this part confused me: we've seen great changes in this application and how its packaged

Agreed though, I think the context has been cleared up.

As for your experiences with OpenLDAP, were they with OpenLDAP built from source or the packages that Red Hat supply? That of course is a whole other post.

Enough already, I think the post has been discussed to death. I only wish more discussion was had on the lists and places where it makes a difference. These little rants do no good.

Thanks for your input though Mike.

Gavin.
#2.1.1.1 Gavin Henry (Homepage) on 2008-02-19 20:39 (Reply)
*Referring specifically to my original blog posting, you say that ". . . first Red Hat attack OpenLDAP". If that is not deliberately misleading, then you have grossly misinterpreted my posting. Since you threw the first stone, the onus is on you to explain how my posting is an attack on OpenLDAP. "it's left for the reader to interpret it." is an utter and total cop out. You make a false accusation then just leave it up to the interpretation of the reader? So, Gavin, what do you really think?
#2.1.2 Rich Megginson (Homepage) on 2008-02-19 20:58 (Reply)
*I think our real enemy is the big proprietary companies and in fact, the OpenLDAP guys are cooperating with FDS (and apacheDS etc), but that doesn't change the fact that Red Hat is doing us a lot of harm.

I guess that's where this post came from, the problem is with Red Hat the company, and its support of OpenLDAP as a bundled product.

I believe in the goodness of Open Source in general, and helping all of the Open Source LDAP projects advance.

Your post was the wrong thing to channel this gripe at.

Gavin.
#2.1.2.1 Gavin Henry (Homepage) on 2008-02-19 23:29 (Reply)
*Keep in mind that the only reason I replied to your original blog is that you accused me of attacking OpenLDAP, and I'm still waiting for an explanation or an apology, but since you have a mind to supply the rope . . .

> I think our real enemy is the big proprietary companies and in fact, the OpenLDAP guys are cooperating with FDS (and apacheDS etc),

Really? So why go out of your way to make a public blog posting attempting to cast Fedora Directory Server in a bad light? That sure doesn't seem like cooperation to me. And since you yourself are one of "the OpenLDAP guys" how exactly are you cooperating with Fedora Directory Server?

> but that doesn't change the fact that Red Hat is doing us a lot of harm.

Have you filed bugs against the Red Hat OpenLDAP package? Is Red Hat's level of support any worse than other vendors? I'll note that the maintainer for OpenLDAP in SUSE is a major contributor to OpenLDAP, so I'll give you that one.

Red Hat has many customers using the standard OpenLDAP that comes with RHEL, and Red Hat does provide support for them. And yes, many of them are satisfied with the level of support provided by Red Hat.

> Your post was the wrong thing to channel this gripe at.

There's an old saying about a black pot and a kettle . . .
#2.1.2.1.1 Rich Megginson (Homepage) on 2008-02-20 03:26 (Reply)
*In my personal opinion, it was an attack on the OpenLDAP Project as you were implying there is hate towords Red Hat and Fedora Directory Server from the OpenLDAP Project.

It wasn't an attempt to cast Fedora DS in a bad light, it was a post stating facts which have already been discussed above. And I said "OpenLDAP Guys", which might not include myself.

See more at http://www.connexitor.com/blog/pivot/entry.php?id=195#body

I personally don't currently use RH OpenLDAP packages, so I would not need to file bugs against it. I know others have and have given up. I do understand Fedora has a new OpenLDAP maintainer?

Also, the way RH maintain them for only security fixes and lib dependencies (and some of them don't even have all the overlays built) harms OpenLDAP in general since users don't get the full experience or get caught with bugs that have been fixed already. I do understand how packages work and they can't always be the latest, but certain bug fixes must be pushed out.

It not a matter of being "worse than other vendors", in fact, I can't believe you said that. That's not how standards should be set by asking "are we worse than anyone else?".

The Mandriva OpenLDAP packager is also on the list and has made separate RH RPMs for all the above reasons, reasons in the OpenLDAP list archives and reasons stated at http://www.connexitor.com/blog/pivot/entry.php?id=195#body

I can't comment on RH support as I've never dealt with it, I've only seen the RH OpenLDAP packages.
#2.1.2.1.1.1 Gavin Henry (Homepage) on 2008-02-20 12:29 (Reply)
*Do you or any reasonable person deny that there is a lot of negativity directed towards Red Hat and Fedora Directory Server on the OpenLDAP mailing lists, blogs, and IRC channels? Perhaps you feel the negativity is justified, but that's not the point. What I said was a statement of fact. I said ". . . there's so much negativity directed towards Fedora and Red Hat in general . . .". There is much evidence to support my "statement of fact". I still don't see how that could be misconstrued as an attack on OpenLDAP. I object that you are accusing me personally and as a representative of Red Hat.

When I mentioned other vendors, it wasn't to imply that "better than average" is good enough. It's to question why Red Hat is so often singled out as being especially damaging to OpenLDAP. Is it because Red Hat's dominant Linux market position makes it the first exposure many people have to OpenLDAP? And that OpenLDAP has gotten a bad rap because of that? If so, then there is opportunity for Red Hat to do better. And yes, there is a new maintainer. There are many other packages in RHEL that are not kept up to the latest upstream version - OpenLDAP is not alone in this. That's no excuse, just an admission of limited resources to apply to the problem.
#2.1.2.1.1.2 Anonymous on 2008-02-20 17:11 (Reply)
*I can only comment on what I have seen and read personally of course. I have seen the negativity you are talking about and made efforts today to see where it stems from:

http://www.openldap.org/lists/openldap-technical/200802/msg00145.html

I still see it as an attacked due to the fact of your comments regarding the OpenLDAP Developers.

I agree with the rest of your suggestions and comments. I hope we can improve the situation in the ongoing thread at:

http://www.openldap.org/lists/openldap-technical/200802/msg00145.html

and only hope either you personally or as a representative of Red Hat or someone else will participate.

Gavin.
#2.1.2.1.1.2.1 Gavin Henry (Homepage) on 2008-02-21 11:58 (Reply)
*> I still see it as an attacked due to the fact of your comments regarding the OpenLDAP Developers.

Whatever. I think I've clarified any misunderstandings with the only people who matter, and it's obvious you haven't the ability or desire to revise your position, so time to move on.

> and only hope either you personally or as a representative of Red Hat or someone else will participate.

Personally, speaking only for myself, and in no way representing Red Hat, I will be very reluctant to participate in future discussions. My comments seem to be easily misunderstood and twisted against me. If it's because of me, then I need to correct that aspect of my behavior and writing style before I attempt to engage the OpenLDAP community. I've already lost enough time defending myself against what I consider to be baseless accusations. Life is too short, and there's real work to be done.
#2.1.2.1.1.2.1.1 Rich Megginson (Homepage) on 2008-02-21 15:45 (Reply)

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
BBCode format allowed
Pavatar/Gravatar/Favatar/MyBlogLog author images supported.
 
 


Original theme by David Cummins, hacked by Suretec and powered by Serendipity

Site Feeds

Comments

Gavin Henry about LDAP questions answered
Sat, 24.05.2008 00:43
*I just wanted to add that you can do sql ldap connections in PostgreSQL: http://pgfound ry.org/projects/dblink-ldap/


Gavin Henry about Running a business on desktop Linux
Tue, 13.05.2008 09:03
*Simply not true: http://www .ubuntu.com/getubuntu/download "Ubuntu 8.04 LTS Desktop E dition - Supported to 20 [...]


Memetic Engineer about Running a business on desktop Linux
Mon, 12.05.2008 19:18
*"No forced software and hardwa re upgrades every couple years " That is simply not true w ith Ubuntu ! They pro [...]


Links

Categories



All categories

Twitter