[Date Prev][Date Next]
Re: Multiple Slave LDAP Servers
--On Sunday, August 08, 2004 1:35 AM -0400 Daniel Henninger
So... here's the question. How do I go about having replicated slave
servers and yet still be able to use GSSAPI? Who else is doing
replicated slave servers and GSSAPI and how are you going about it?
Would a round-robin CNAME be a better route to go? The round-robin
cnames are working just great. We've noticed that lots of other folk are
using LDAP via LVS, but are any of you also using GSSAPI through LVS to
You can't do this. The servers need to have ldap/<REAL HOST NAME HERE>
I have this all working here at stanford.
Our load balance name is: ldap.stanford.edu
The master replicates to the hostnames:
(We have 9 replica's).
Note that you can have multiple principals in a keytab file, so you can
have both ldap/ldap.ncsu.edu and ldap/<HOST>.ncsu.edu in the same file.
This should fix your issues, as long as you have the master replicating to
the specific host names, not the load balanced host names.
Principal Software Developer
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html