3. The Big Picture - Configuration Choices

This section gives a brief overview of various LDAP directory configurations, and how your stand-alone LDAP server slapd(8) fits in with the rest of the world.

3.1. Local Directory Service

In this configuration, you run a slapd which provides directory service for your local domain only. It does not interact with other directory servers in any way. This configuration is shown in Figure 3.1.

Figure 3.1: Local service configuration.

Use this configuration if you are just starting out (it's the one the quick-start guide makes for you) or if you want to provide a local service and are not interested in connecting to the rest of the world. It's easy to upgrade to another configuration later if you want.

3.2. Local Directory Service with Referrals

In this configuration, you run a slapd which provides directory service for your local domain and configure it to return referrals to a superior service capable of handling requests outside your local domain. You may run this service yourself or use one provided to you. This configuration is shown in Figure 3.2.

Figure 3.2: Local service with referrals

Use this configuration if you want to provide local service and participate in the Global Directory.

3.3. Replicated Directory Service

The slurpd daemon is used to propagate changes from a master slapd to one or more slave slapds. An example master-slave configuration is shown in figure 3.3.

Figure 3.3: Replicated Directory Services

This configuration can be used in conjunction with either of the first two configurations in situations where a single slapd does not provide the required reliability or availability.

3.4. Distributed Local Directory Service

In this configuration, the local service is partitioned into smaller services, each of which may be replicated, and glued together with superior and subordinate referrals.