[opencms-dev] Questions about OCEE-Cluster and LDAP modules
Michael Emmerich
m.emmerich at alkacon.com
Tue Jul 28 08:35:53 CEST 2015
Hello Kai,
as you also posted this to the list, I will reply to it here.
> Hello list,
> I know, those questions should go directly to the guys from Alkacon. But I thought, these questions, and the answers could be of interest for everybody.
> So here we go:
>
>
> 1. What happens, when I delete an LDAP-User (or group) in my identity management system (e.g. Active Directory)? Is that user or group automatically deleted in all of my OpenCms instances (in all clusters)? If so, when does this happen?
When a user is deleted in LDAP, it stays in the OpenCms database (How
should OpenCms "know" that something has been deleted in LDAP?). But
there is a Scheduled job that will remove users from OpenCms that are
not in LDAP anymore. This has been added to one of the last OCEE releases.
>
> 2. If I have an already synchronized LDAP-User or group in my OpenCms instance and I delete this user. Is that user or group also deleted in LDAP (if I would allow an application to write to my LDAP server.
No, OpenCms will not delete anything in LDAP.
>
> 3. If I have an already synchronized LDAP-User in my OpenCms instance and his password is changed in LDAP. Can I still login to OpenCms with my password saved in OpenCms or does OpenCms check against LDAP, if there is a new password?
Users are synchronized when users try to log in. Therefore you will need
the new password.
>
> 4. Can I configure the LDAP connector to synchronize OpenCms' additional user info fields with LDAP attributes?
Yes, LDAP attributes can be mapped to user additional infos.
>
> 5. When does OpenCms get updates from changes of attributes in LDAP for a user (e.g. his postal address or email address has changed). Let's say I want to generate a telephone list based users stored in the OpenCms users. How sure can I be, that those information are correct?
As said in 3) Users are synchronized when they log in. Additionally,
this can be done via the Admin interface. Right now, there is no
scheduled job which could do this automatically.
>
> 6. The installation guide of the OCEE modules says, that the database tables should be converted to InnoDB. What happens, if I don't do that or have forgotten to do that? Can I easily run the converter script shipped with the OCEE modules anytime?
In modern OCEE versions, this is not required any more. I guess we can
remove this form the documentation.
>
> 7. When I understand the replication and cluster documentation correctly, I cannot have two workplace servers, each with its own database. Correct? So let's say, my workplace instance gets broken (e.g. the database server is down)? How can I get my workplace server up and running again very fast? Is there a possibility with OpenCms or do I have to create a master / master of master / slave replication on the database layer?
It is not possible to have a master/master replication. The reason is
that replication only replicated ONLINE data and no OFFLINE data.
Therefore a second "master" server would never have the correct OFFLINE
content.
Therefore its always good to have backups of your master DB.
> 8. Corresponding to question 7: Is it possible to configure several db server addresses in the jdbc connection string within the opencms.properties file, when I have a master / master database setup? Could this look like this: db.pool.default.jdbcUrl=jdbc:mysql://[primary host]:[port], [secondary host]:[port]/[database]?
As 7 is not possible, you cannot configure it this way.
> A lot of questions. Please feel free to just answer just one of them.
> When I have a complete list of answers, I will put them into the OpenCms wiki.
>
> Thanks in advance for your help.
>
> Best regards
> Kai
>
Kind regards,
Michael
--
Alkacon Software GmbH - The OpenCms Experts
Michael Emmerich
Email: m.emmerich at alkacon.com
http://www.alkacon.com
http://www.opencms.org
Geschäftsführer: Alexander Kandzior, Amtsgericht Köln, HRB 54613
More information about the opencms-dev
mailing list