[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap.conf and multiple URI's

Your ldap.conf file contains directives which are not recongized
by OpenLDAP Software.  Hence, I suspect you have confused some
other ldap.conf file for OpenLDAP's ldap.conf(5) file.


At 04:45 PM 7/31/2005, Michael Eichenberger wrote:
>I've setup ldap.conf to have multiple URI's, so when the first OpenLDAP Slave doesn't answer, the second OpenLDAP Slave should answer.
>It doesn't work as planned. I get:
>ldap-02 openldap # ldapsearch  -b "ou=people,ou=backup,ou=pam,ou=service,o=stepping-stone,c=ch" -s sub -x -D "cn=Manager,o=stepping-stone,c=ch" -w secret "(uid=*)" -v
>ldap_initialize( <DEFAULT> )
>After this nothing :-(
>The following two queries work:
>ldap-02 openldap # ldapsearch -H ldaps://ldap-01.int.stepping-stone.ch -b "ou=people,ou=backup,ou=pam,ou=service,o=stepping-stone,c=ch" -s sub -x -D "cn=Manager,o=stepping-stone,c=ch" -w secret "(uid=*)" -v
>ldap-02 openldap # ldapsearch -H ldaps://ldap-02.int.stepping-stone.ch -b "ou=people,ou=backup,ou=pam,ou=service,o=stepping-stone,c=ch" -s sub -x -D "cn=Manager,o=stepping-stone,c=ch" -w secret "(uid=*)" -v
>Do I have the syntax in the ldap.conf wrong (see below)? Or have I got a wrong understanding, of how this failover should work?
>OpenLDAP Version: 2.2.27
>Contents of ldap.conf:
>SIZELIMIT       200
>TIMELIMIT       10
>DEREF           never
>URI             ldaps://ldap-02.int.stepping-stone.ch ldaps://ldap-01.int.stepping-stone.ch
>BASE            o=stepping-stone, c=ch
>BINDDN          cn=Manager,o=stepping-stone,c=ch
>BINDPW          {SSHA}******
>TLS_CACERT /etc/ssl/certs/swiss-certificate.ch.cert.pem
>Many thanks in advance for any help!
>Kind regards, Michael
>visit: http://www.stepping-stone.ch
>e-mail: michael.eichenberger@stepping-stone.ch
>mobile: +41 76 392 36 23
>icq: 238901781