
Re: ldap.conf and multiple URI's



Your ldap.conf file contains directives which are not recognized
by OpenLDAP Software.  Hence, I suspect you have confused some
other ldap.conf file for OpenLDAP's ldap.conf(5) file.

Kurt

At 04:45 PM 7/31/2005, Michael Eichenberger wrote:
>I've set up ldap.conf to have multiple URI's, so when the first OpenLDAP Slave doesn't answer, the second OpenLDAP Slave should answer.
>
>It doesn't work as planned. I get:
>ldap-02 openldap # ldapsearch  -b "ou=people,ou=backup,ou=pam,ou=service,o=stepping-stone,c=ch" -s sub -x -D "cn=Manager,o=stepping-stone,c=ch" -w secret "(uid=*)" -v
>ldap_initialize( <DEFAULT> )
>
>After this nothing :-(
>
>The following two queries work:
>ldap-02 openldap # ldapsearch -H ldaps://ldap-01.int.stepping-stone.ch -b "ou=people,ou=backup,ou=pam,ou=service,o=stepping-stone,c=ch" -s sub -x -D "cn=Manager,o=stepping-stone,c=ch" -w secret "(uid=*)" -v
>
>ldap-02 openldap # ldapsearch -H ldaps://ldap-02.int.stepping-stone.ch -b "ou=people,ou=backup,ou=pam,ou=service,o=stepping-stone,c=ch" -s sub -x -D "cn=Manager,o=stepping-stone,c=ch" -w secret "(uid=*)" -v
>
>Do I have the syntax in the ldap.conf wrong (see below)? Or have I got a wrong understanding of how this failover should work?
>
>
>OpenLDAP Version: 2.2.27
>
>Contents of ldap.conf:
>SIZELIMIT       200
>TIMELIMIT       10
>DEREF           never
>URI             ldaps://ldap-02.int.stepping-stone.ch ldaps://ldap-01.int.stepping-stone.ch
>BASE            o=stepping-stone, c=ch
>BINDDN          cn=Manager,o=stepping-stone,c=ch
>BINDPW          {SSHA}******
>TLS_CACERT /etc/ssl/certs/swiss-certificate.ch.cert.pem
>
>Many thanks in advance for any help!
>
>Kind regards, Michael
>
>-- 
>visit: http://www.stepping-stone.ch
>--
>e-mail: michael.eichenberger@stepping-stone.ch
>mobile: +41 76 392 36 23
>icq: 238901781
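
Added example, not part of the original thread and not OpenLDAP code: a small Python check that lists which directives in a client configuration are not among the options documented in ldap.conf(5), and extracts the URI entries in the order listed. The `KNOWN` set is a subset of ldap.conf(5) options assembled for this example (check the man page for your release), the function name is hypothetical, and the sample input is the configuration quoted in the message above.

```python
# Subset of option names from OpenLDAP's ldap.conf(5); an assumption of this
# example, not an authoritative list for any particular release.
KNOWN = {
    "URI", "BASE", "BINDDN", "DEREF", "HOST", "PORT", "REFERRALS",
    "SIZELIMIT", "TIMELIMIT", "TIMEOUT", "NETWORK_TIMEOUT",
    "SASL_MECH", "SASL_REALM", "SASL_AUTHCID", "SASL_AUTHZID", "SASL_SECPROPS",
    "TLS_CACERT", "TLS_CACERTDIR", "TLS_CERT", "TLS_KEY", "TLS_CIPHER_SUITE",
    "TLS_RANDFILE", "TLS_REQCERT", "TLS_CRLCHECK", "TLS_CRLFILE",
}
URI_SCHEMES = ("ldap://", "ldaps://", "ldapi://")

# Configuration as quoted in the message above (password already masked there).
SAMPLE = """\
SIZELIMIT       200
TIMELIMIT       10
DEREF           never
URI             ldaps://ldap-02.int.stepping-stone.ch ldaps://ldap-01.int.stepping-stone.ch
BASE            o=stepping-stone, c=ch
BINDDN          cn=Manager,o=stepping-stone,c=ch
BINDPW          {SSHA}******
TLS_CACERT /etc/ssl/certs/swiss-certificate.ch.cert.pem
"""


def lint_ldap_conf(text):
    """Return a dict with the URI list, malformed URIs and unknown directives."""
    result = {"uris": [], "bad_uris": [], "unknown": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):  # skip blank lines and comments
            continue
        parts = line.split(None, 1)
        name = parts[0].upper()  # option names are compared case-insensitively
        value = parts[1] if len(parts) > 1 else ""
        if name not in KNOWN:
            result["unknown"].append((lineno, name))
        elif name == "URI":
            for uri in value.split():  # entries are whitespace separated
                ok = uri.lower().startswith(URI_SCHEMES)
                result["uris" if ok else "bad_uris"].append(uri)
    return result


if __name__ == "__main__":
    report = lint_ldap_conf(SAMPLE)
    for lineno, name in report["unknown"]:
        print(f"line {lineno}: {name} is not in this example's ldap.conf(5) list")
    print("URI entries, in listed order:", report["uris"])
```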