Virtual server/Real Server SASL woes

To: <openldap-software@OpenLDAP.org>

Subject: Virtual server/Real Server SASL woes

From: "Kasundra, Digant" <digant@uta.edu>

Date: Mon, 4 Oct 2004 16:35:41 -0500

Content-class: urn:content-classes:message

Thread-index: AcSqWhj+ogXAVANaRBGgAYtfQfaUbw==

Thread-topic: Virtual server/Real Server SASL woes

Title: Message

Hello friends,

I recently got a nifty little NetScaler box to load balance my servers. I created a principal for my virtual service (ldap/ldap.cedar.uta.edu) and changes the slave configurations such that the line "sasl-host" specifies ldap/ldap.cedar.uta.edu instead of the actual hostname. This works great and I can do SASL binds. But if I try to connect directly to a machine using SASL, I get a Decrypt Integrity Check Failed error. I'm assuming this is because of the now my ldap server is trying use the ldap.cedar.uta.edu name instead of the hostname (if I swtich that line, I get the opposite effect).

(How) Can I setup my OpenLDAP servers to support both direct connections and connections through the virtual service?

-- DK

-----------------------------
Digant C Kasundra
Software Systems Specialist
Office of Information Technology
University of Texas at Arlington
(817) 272-1291 - digant@uta.edu

To request technical support, please

contact our computing Help Desk at