• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • UC Berkeley
  • Berkeley Engineering
  • EECS

Header Search Widget

IRIS

Instructional & Research Information Systems

  • About Us
  • Get Started
  • Get Help
  • FAQ
    • FAQ: Accounts
    • FAQ: EECS Slack
    • FAQ: File Storage
    • FAQ: Hardware
    • FAQ: MacOS
    • FAQ: Mail
    • FAQ: Mailing Lists
    • FAQ: Network
    • FAQ: Security
    • FAQ: Unix
    • FAQ: Web
    • FAQ: Windows
  • Services
    • Accounts
    • Backups
    • E-mail
    • EECS Login Servers
    • File Storage
    • Infrastructure
    • Mailing Lists
    • Network
    • Printing
    • Room Reservations
    • Security
    • Software
    • Unix
    • Web
  • Policies
  • Forms
    • System Registration/Update
    • Account Request Form
    • Network Problem Report
    • SSL Certificate Request
    • All Other Forms
  • Rates

New LDAP Infrastructure Ready for Testing

September 6, 2013 by Rob McNicholas

IRIS is pleased to announce that our new LDAP infrastructure is ready for public testing. The new LDAP servers are now accessible from any on-campus host at openldap.eecs.berkeley.edu. TLS is supported on port 389 and SSL on port 636, using a new certificate from InCommon.

#Testing
Programmers and system administrators are encouraged to test any applications or scripts they maintain against this new infrastructure. The only change that should be needed for testing is to change the hostname to openldap.eecs.berkeley.edu.

Please send any questions or report any problems that come up during testing to [help@eecs.berkeley.edu](mailto:help@eecs.berkeley.edu)

#Architecture
openldap.eecs points to a redundant load balancer, which at this time is routing ldap requests to one of three backend OpenLDAP servers that are running in multi-master mode. These load balancers and backend servers are a combination of physical and virtual hosts located in independent data centers across campus (Sutardja-Dai Hall, Soda Hall, Warren Hall). With this architecture, a power or network failure in any one building will not bring the service down.

#Schema Changes
The schema is largely unchanged, save the removal of objectclasses and attributes that were added by the Sun/iPlanet IMAP and Calendar applications previously in use in the department. With the migration to bMail and bCal, these attributes are no longer needed and so have been removed.

#Timeline

  • 9/6 openldap.eecs initial public testing with a snapshot of test data. Reliability testing ongoing. [1]
  • 9/11 openldap.eecs is syncing real data from ldap.eecs. firewall is opened up to world. Testing continues. Reliability testing done.
  • 9/18 Assuming no major problems reported, ldap.eecs and ldap.cs become nicknames for opendap.eecs

#Notes
[1] During the next week IRIS will be conducting reliability testing, meaning we will be taking down some of the servers to ensure the service as a whole stays up. This testing might affect performance but should be completed by 9/11/2013.

Filed Under: News

Primary Sidebar

IRIS Service Status

Green
We have 0 Active Incidents, and 0 Scheduled Maintenances noted.

IST Service Status

Outages to campus services are listed at berkeley.statusdashboard.com.

Recent Highlights

IRIS to begin syncing names from CalNet

March 9, 2023 by Lars Rohrbach

Upcoming Change to EECS Firewall Handling of SSH

September 22, 2022 by Lars Rohrbach

  • About
  • Contact
  • PRIVACY
  • ACCESSIBILITY
  • NONDISCRIMINATION

© 2022–2023 UC Regents  |  Log in