I'll note that all of your 3 problems were caused by you using MIT
Kerberos instead of Heimdal. Stanford has been using OpenLDAP in
production for
I presume you are right. However:
1) Buchan has built the sasl & co against Heimdal for me, but I'm still
having problems. It's better now, but I can still kill the server if I
try hard enough. Probably good enough for the "real life", but...
(Possibly these packs aren't well done, or something is still missing,
and this will solve itself on a few days.)
Have a remote process that queries the server (from Nagios), that pages
us if slapd stops responding.
Nagios?
This was the one that actually bothered me, because I wasn't sure how to
assure that query returns (either result or failure) in reasonable time.
In the meantime, I looked at perl::Net::LDAP, and saw that one can define
the timeout there. Good enough 4 me.