Re: slapd-meta doesn't continue with multiple uri's

[Liam Gretton <liam.gretton@leicester.ac.uk>]

On 14/08/2012 21:57, masarati@aero.polimi.it wrote:

> bind-timeout and network-timeout have specific, connection-level meaning.
> Just "timeout <seconds>" (you can make it search-specific if you don't
> want it to affect other operations, using "timeout search=<seconds>".

Setting timeout doesn't solve the problem, but it changes the behaviour. 
Now the ldapsearch times out after the value specified and reports:

result: 11 Administrative limit exceeded
text: Operation timed out

...but the LDAP server still doesn't attempt to contact the failover 
hosts. I've also verified this with tcpdump.

To recap, here's my current config. I can't help but think I'm doing 
something obviously wrong here if it's working for others.


database            meta
suffix              dc=local
rootdn              cn=administrator,dc=local
rootpw              secret

network-timeout     1
timeout             1

uri                 ldap://host1:3268/ou=dc1,dc=local
                    ldap://host2:3268/
                    ldap://host3:3268/

suffixmassage       "ou=dc1,dc=local" "dc=example,dc=com"

idassert-bind       bindmethod=simple
                    binddn="cn=proxyuser,dc=example,dc=com"
                    credentials="password"

idassert-authzfrom  "dn.exact:cn=administrator,dc=local"


--
Liam Gretton                                    liam.gretton@le.ac.uk
HPC Architect                                http://www.le.ac.uk/its/
IT Services                                   Tel: +44 (0)116 2522254
University Of Leicester, University Road
Leicestershire LE1 7RH, United Kingdom