[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapd-meta doesn't continue with multiple uri's



On 14/08/2012 14:52, masarati@aero.polimi.it wrote:

You are.  The above is creating three targets, one pointing to host1, one
pointing to host2 and one pointing to host3.  The rest of the
configuration is associated to the last target, the others are sort of
dangling.  A correct configuration for failover would be

uri                 ldap://host1:3268/ou=dc1,dc=local
                     ldap://host2:3268/
                     ldap://host3:3268/
suffixmassage       "ou=dc1,dc=local" "dc=example,dc=com"
idassert-bind       bindmethod=simple
                     binddn="cn=proxyuser,dc=example,dc=com"
                     credentials="password"
idassert-authzfrom  "dn.exact:cn=administrator,dc=local"

Note that URIs other than the first one cannot have the DN part (the same
of the first URI is assumed).

Understood. However in that case the server never attempts to contact host2 or host3 at all. Here's the output from the debug log:


502a5ae6 >>> slap_listener(ldapi://%2Fvar%2Frun%2Fslapd%2Fldapi-meta)
502a5ae6 connection_get(8): got connid=1000
502a5ae6 connection_read(8): checking for input on id=1000
ber_get_next
ber_get_next: tag 0x30 len 43 contents:
502a5ae6 op tag 0x60, time 1344953062
ber_get_next
502a5ae6 conn=1000 op=0 do_bind
ber_scanf fmt ({imt) ber:
ber_scanf fmt (m}) ber:
502a5ae6 >>> dnPrettyNormal: <cn=administrator,dc=local>
502a5ae6 <<< dnPrettyNormal: <cn=administrator,dc=local>, <cn=administrator,dc=local>
502a5ae6 do_bind: version=3 dn="cn=administrator,dc=local" method=128
502a5ae6 conn=1000 op=0: rootdn="cn=administrator,dc=local" bind succeeded
502a5ae6 do_bind: v3 bind: "cn=administrator,dc=local" to "cn=administrator,dc=local"
502a5ae6 send_ldap_result: conn=1000 op=0 p=3
502a5ae6 send_ldap_response: msgid=1 tag=97 err=0
ber_flush2: 14 bytes to sd 8
502a5ae6 connection_get(8): got connid=1000
502a5ae6 connection_read(8): checking for input on id=1000
ber_get_next
ber_get_next: tag 0x30 len 44 contents:
502a5ae6 op tag 0x63, time 1344953062
ber_get_next
502a5ae6 conn=1000 op=1 do_search
ber_scanf fmt ({miiiib) ber:
502a5ae6 >>> dnPrettyNormal: <dc=local>
502a5ae6 <<< dnPrettyNormal: <dc=local>, <dc=local>
ber_scanf fmt ({mm}) ber:
ber_scanf fmt ({M}}) ber:
ldap_create
ldap_url_parse_ext(ldap://host3:3268)
ldap_url_parse_ext(ldap://host2:3268)
ldap_url_parse_ext(ldap://host1:3268)
502a5ae6 conn=1000 op=1: meta_back_getconn[0]
502a5ae6 conn=1000 op=1 meta_back_getconn: candidates=1 conn=ROOTDN inserted
502a5ae6 conn=1000 op=1 >>> meta_back_search_start[0]
502a5ae6 conn=1000 op=1 >>> meta_search_dobind_init[0]
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP host1:3268
ldap_new_socket: 10
ldap_prepare_socket: 10
ldap_connect_to_host: Trying 192.168.1.1:3268
ldap_pvt_connect: fd: 10 tm: 5 async: -1
ldap_ndelay_on: 10
ldap_int_poll: fd: -1 tm: 0
502a5ae6 conn=1000 op=1 <<< meta_search_dobind_init[0]=4
502a5ae6 conn=1000 op=1 <<< meta_back_search_start[0]=4
502a5ae6 conn=1000 op=1 meta_back_search: ncandidates=1 cnd="*"
502a5ae6 conn=1000 op=1 >>> meta_search_dobind_init[0]
ldap_sasl_bind
ldap_send_initial_request
ldap_int_poll: fd: 10 tm: 0
502a5ae6 conn=1000 op=1 <<< meta_search_dobind_init[0]=4
502a5ae6 conn=1000 op=1 >>> meta_search_dobind_init[0]

ldap_sasl_bind
ldap_send_initial_request
ldap_int_poll: fd: 10 tm: 0
502a5ae6 conn=1000 op=1 <<< meta_search_dobind_init[0]=4
502a5ae6 conn=1000 op=1 >>> meta_search_dobind_init[0]

ldap_sasl_bind
ldap_send_initial_request
ldap_int_poll: fd: 10 tm: 0
502a5ae6 conn=1000 op=1 <<< meta_search_dobind_init[0]=4
502a5ae6 conn=1000 op=1 >>> meta_search_dobind_init[0]

...etc

--
Liam Gretton                                    liam.gretton@le.ac.uk
HPC Architect                                 http://www.le.ac.uk/its
IT Services                                   Tel: +44 (0)116 2522254
University of Leicester, University Road
Leicestershire LE1 7RH, United Kingdom