>>> Michael Ströder <[email protected]> schrieb am 13.01.2020 um 12:02 in Nachricht <[email protected]>: > On 1/13/20 11:53 AM, Ulrich Windl wrote: >>>>> Michael Ströder <[email protected]> schrieb am 07.01.2020 um 20:41 in >> Nachricht <[email protected]>: >>> On 1/7/20 8:13 PM, Quanah Gibson-Mount wrote: >>>> The admin guide discusses how to replicate cn=config. >>> >>> Hmm, I vaguely remember that the conclusion on this list was that >>> replicating cn=config is currently not considered reliable enough. >> >> But it works "well enough" for many cases. I think: Let users try it, and > let >> users decide whether it does the job. > > Nobody and nothing prevents a user from trying anything and be happy > with that. > > But "users" have to be well aware of what they can expect to be a stable > and supported configuration (after meeting prerequisites). So that they > don't complain and blame others later. > > E.g. in case of replicating cn=config "users" have to understand the > strong dependency on stable IP addresses and or hostnames used for > replicas in LDAP URL part of the serverID. Which is not really obvious > to beginners.
Agreed (I'd add certificate paths, too). So I'd add such warning to the configuration guide. (If it's documented, it's a feature) > > Ciao, Michael.
