[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Failover Failure Advice

To: Anton Chu <anton.chu@telecommand.com>
Subject: Re: Failover Failure Advice
From: Howard Chu <hyc@symas.com>
Date: Tue, 18 Jan 2011 14:53:49 -0800
Cc: openldap-technical@openldap.org
In-reply-to: <AANLkTint1qzNXyRq7Wrwy8gc7jEN=RxR8YG6r5LVcUfq@mail.gmail.com>
References: <AANLkTint1qzNXyRq7Wrwy8gc7jEN=RxR8YG6r5LVcUfq@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:2.0b8pre) Gecko/20101024 Firefox/4.0b8pre SeaMonkey/2.1b2pre

Anton Chu wrote:

I've setup a master and slave ldap service for failover; however, I'd like
some advice on how to keep the ldap clients cached with the ldap creds if ever
the master and slave ldap server goes.  I've tried to extend the time of the
caching on nscd - name server caching daemon - but it doesnt work when I add
ldap users to certain groups.  I've also tried pam caching credentials but
doesn't work that well either.  Finally, I also tried sssd but couldn't get it
to work on my Ubuntu 10.10 clients.  Anyone have simple solution that works
when slave and master ldap servers get out of commission?  I've thought about
getent passwd >> /etc/passwd cron job, etc.

Setup OpenLDAP nssov on all clients, use proxycache overlay and/or syncrepl tocontinue operating when servers and/or networks fail.


--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

References:
- Failover Failure Advice
  - From: Anton Chu <anton.chu@telecommand.com>

Prev by Date: Failover Failure Advice
Next by Date: Re: Failover Failure Advice
Index(es):
- Chronological
- Thread