[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: GSSAPI and LVS Load balanced ldap servers



Today at 4:16pm, Quanah Gibson-Mount wrote:

--On Monday, February 02, 2009 3:13 PM -0500 Francis Swasey <Frank.Swasey@uvm.edu> wrote:

We've finally reached the point in replacing our old authentication
system that I'm attempting to get GSSAPI working with our ldap.uvm.edu
system.

Good luck. :) The only way I ever got this working was via software load balancing on round-robin DNS, where the virtual name would resolve to the actual host.

LVS is a software load balancer. What software load balancer did you use that also used DNS round-robin (or am I completely confused in my understanding of what you just wrote)?


My guess is that once you're connected to "ldap.uvm.edu" it gets the IP addr of the real system it's connected to, and that doesn't match ldap.uvm.edu, giving you a mismatch.

Yeah, that's my guess too of the current failure.

--
Frank Swasey                    | http://www.uvm.edu/~fcs
Sr Systems Administrator        | Always remember: You are UNIQUE,
University of Vermont           |    just like everyone else.
  "I am not young enough to know everything." - Oscar Wilde (1854-1900)