using ldap database (multiple upstream servers), how to force reconnect after failover?
- To: openldap-technical@openldap.org
- Subject: using ldap database (multiple upstream servers), how to force reconnect after failover?
- From: David Young <davidy@funkypenguin.co.nz>
- Date: Thu, 27 Nov 2014 12:08:54 +1300
Hi technical,

We have an OpenLDAP server (v2.4.39) which acts as a reverse proxy for 2
backend servers (replicated). The intention is that we use this "proxy"
server for authentication requests for applications which can't handle
SSL, or multiple backend servers, properly.

The implementation works as designed - a query is received from a
client, passed on to the first server defined in olcDbURI (server1). If
the first server is unavailable, after a brief timeout (1 sec), the
query is passed to the second server in the olcDbURI (server2).

Here's the problem - server1 is never polled again. Queries continue to
be passed to server2, but when server2 is unavailable, all queries fail,
even if server1 is now available again.

Is there a config directive I can use to force ldap to reattempt
connection to server1 after the initial failure?

My config is below.

Thanks :)
David
---
dn: olcDatabase={1}ldap
objectClass: olcDatabaseConfig
objectClass: olcLDAPConfig
olcDatabase: {1}ldap
olcSuffix: dc=mydomain,dc=net,dc=nz
olcAddContentAcl: FALSE
olcLastMod: FALSE
olcMaxDerefDepth: 15
olcReadOnly: FALSE
olcSyncUseSubentry: FALSE
olcMonitoring: FALSE
olcDbURI: "ldaps://server1 ldaps://server2"
olcDbStartTLS: none starttls=no
olcDbRebindAsUser: FALSE
olcDbChaseReferrals: TRUE
olcDbTFSupport: no
olcDbProxyWhoAmI: FALSE
olcDbNetworkTimeout: 1
olcDbProtocolVersion: 3
olcDbSingleConn: FALSE
olcDbCancel: abandon
olcDbUseTemporaryConn: FALSE
olcDbConnectionPoolMax: 16
olcDbNoRefs: FALSE
olcDbNoUndefFilter: FALSE
structuralObjectClass: olcLDAPConfig
entryUUID: 01eb5074-6f65-1033-8a02-cd0b00053594
creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
createTimestamp: 20140514033850Z
olcDbIdleTimeout: 1m
olcDbConnTtl: 5m
entryCSN: 20140514033850.182221Z#000000#000#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20140514033850Z
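
Added example, not part of the original post: a check that can be run on the proxy host to see which upstream in olcDbURI accepts a connection within olcDbNetworkTimeout, trying them in configured order. The function names are hypothetical, the sample entry is constructed from the two attributes shown above, and the probe tests TCP reachability only (no TLS handshake or LDAP bind).

```python
import socket
from urllib.parse import urlsplit

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}

# Constructed sample: the two failover-related attributes from the posted entry.
SAMPLE_LDIF = '''dn: olcDatabase={1}ldap
olcDbURI: "ldaps://server1 ldaps://server2"
olcDbNetworkTimeout: 1
'''

def parse_proxy_settings(ldif_text):
    """Return (upstream URI list, network timeout in seconds) from an
    olcLDAPConfig entry. Assumes unfolded LDIF lines and a plain-seconds timeout."""
    attrs = {}
    for line in ldif_text.splitlines():
        name, sep, value = line.partition(": ")
        if sep:
            attrs.setdefault(name, value.strip())
    uris = attrs.get("olcDbURI", "").strip('"').split()
    timeout = float(attrs.get("olcDbNetworkTimeout", "1"))
    return uris, timeout

def probe(uri, timeout):
    """True if the upstream accepts a TCP connection within the timeout."""
    parts = urlsplit(uri)
    port = parts.port or DEFAULT_PORTS[parts.scheme]
    try:
        with socket.create_connection((parts.hostname, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unresolvable host
        return False

def first_reachable(uris, timeout):
    """Probe every upstream in configured order; return the first one that
    answered plus the per-upstream results, so a recovered server1 is visible
    even while server2 is still serving."""
    results = [(uri, probe(uri, timeout)) for uri in uris]
    winner = next((uri for uri, ok in results if ok), None)
    return winner, results

if __name__ == "__main__":
    uris, timeout = parse_proxy_settings(SAMPLE_LDIF)
    winner, results = first_reachable(uris, timeout)
    for uri, ok in results:
        print(f"{uri}: {'reachable' if ok else 'unreachable'}")
    print("first reachable upstream:", winner)
```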