[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldap_sasl_interactive_bind_s: Can't contact LDAP server
2017-11-19 18:09 GMT+01:00 Turbo Fredriksson <turbo@bayour.com>:
> Have anyone tried running OpenLDAP behind HAProxy? Anything special
> one needs to do?
I do this often, without any particular issue. If you use LDAPS, you
can add option ssl-hello-chk.
Here is a sample configuration file:
global
log 127.0.0.1 local5 notice
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
quiet
defaults
log global
option dontlognull
option ldap-check
retries 3
mode tcp
balance roundrobin
option redispatch
listen openldap :389
server ldap1 IP_LDAP1:390 check
server ldap2 IP_LDAP2:390 check
server ldap3 IP_LDAP3:390 check
defaults
log global
option dontlognull
retries 3
mode tcp
balance roundrobin
option redispatch
option ssl-hello-chk
listen openldap-ssl :636
server ldap1 IP_LDAP1:637 check
server ldap2 IP_LDAP2:637 check
server ldap3 IP_LDAP3:637 check
Clément.