LDAP Failover
Neil Marjoram
n.marjoram at adastral.ucl.ac.uk
Mon Jan 17 14:32:51 UTC 2005
After this weekends Kernel freeze on my LDAP server I decided I should
make use of the slave automatically if this ever happened again. One
solution I found was to list the servers in the URI in the
/etc/ldap.conf file :
uri ldaps://ldap2.master.co.uk:389 ldaps://ldap1.slave.co.uk:389
But this does not work, it just returns "su: user fbloggs does not exist"
Currently my ldap.conf file uses the host parameter to specify the host
name of the ldap server, placing two host parameters in the same file
does not work. Does anyone know how I can specify two ldap hosts on the
client in case my master ldap server feels unwell again?
Current /etc/ldap.conf file :
#uri ldaps://ldap2.master.co.uk:389 ldaps://ldap1.slave.co.uk:389
base dc=master,dc=co,dc=uk
rootbinddn cn=auser,ou=DSA,dc=master,dc=co,dc=uk
#scope one
#pam_filter objectclass=posixaccount
#pam_login_attribute uid
#pam_member_attribute gid
#pam_template_login_attribute uid
pam_password crypt
#nss_base_passwd ou=People,dc=master,dc=co,dc=uk?one
#nss_base_shadow ou=People,dc=master,dc=co,dc=uk?one
#nss_base_group ou=Group,dc=master,dc=co,dc=uk?one
#nss_base_hosts ou=Hosts,dc=master,dc=co,dc=uk?one
TLS_CACERT /etc/openldap/ssl/cacert.pem
host ldap2.master.co.uk
ssl start_tls
Thanks,
Neil.
--
Neil Marjoram
Systems Manager
Adastral Park Campus
University College London
Ross Building
Adastral Park
Martlesham Heath
Ipswich - Suffolk
IP5 3RE
Reclaim Your Inbox!
http://www.mozilla.org/products/thunderbird
More information about the fedora-list
mailing list