[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Slapd-meta and multiple uri
- To: openldap-technical@openldap.org
- Subject: Slapd-meta and multiple uri
- From: Nicolas RENAULT <nicolas_renault@yahoo.fr>
- Date: Wed, 22 Jul 2015 18:33:22 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.fr; s=s2048; t=1437582804; bh=fNIwmF6n0n4zcf2dRSlT/3qzIS3ueBkctzmpdiZrUd4=; h=Date:From:To:Subject:From:Subject; b=InCCso4QbU2JblFldQrMlUpBlA2VS9ugl0Ae5cpoJlH3aqB9+YsUe+e1bBjIoTttnWj06mnYWtStN0XaIRPLodX8laXL7XW2fACxmRDfYQC/R1t3iixXQMQRarkL+6d4cmEsmB9WMo8QM+ez0nir0/vQ//I8SgFW3IgbA0IaD5IQxOc4yPsqptHye3N2PFN/RpPSyjTT+HU1etkibTFYxrIKSJjrxtEjjCATME5hUUqaFaOaSkcwAEdWMDz7kjI9NI84PPRtBCTf326O84q4XJ2Hi0PwHObNm3SkNR1VquANqbM442ulb8YIILMzOtM+c8A0n2P3L3L9/gXEx0c7Jg==
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.8.0
Hello ,
I have a problem with meta and multiple uri :
Two AD server
opensuse 13.1
openldap 2.4.39 (install from repo)
make a meta backend that work but I when I configure it I use this
directive , try to make a failover conf :
uri ldap://172.17.150.47:3268/ou=AD,ou=TOUT,dc=example,dc=fr
ldap://172.17.150.48:3268/
Work like a charm until 172.17.150.47 go down --> slapd never try to
contact 172.17.150.48 ...
slapd.conf ( relevant part )
----------------------------------------------------------
network-timeout 1
timeout 3
idletimeout 10
writetimeout 10
database meta
suffix "ou=AD,ou=TOUT,dc=example,dc=fr"
uri ldap://172.17.150.47:3268/ou=AD,ou=TOUT,dc=example,dc=fr
ldap://172.17.150.48:3268/
suffixmassage "ou=AD,ou=TOUT,dc=example,dc=fr" "dc=example,dc=fr"
idassert-bind bindmethod=simple
binddn="cn=xxxxxx,cn=Users,dc=example,dc=fr" credentials=<secret> mode=none
idassert-authzFrom "dn.regex:.*"
--------------------------------------------------------------
I search on the list and found this :
http://www.openldap.org/lists/openldap-technical/201208/msg00231.html
(one post on the thread, I read all of them)
The problem is exactly the same : if I start slapd and 172.17.150.47 not
present (iptable output drop or reject) never ask 172.17.150.48 (tcpdump
on the interface of slapd server)
in http://www.openldap.org/lists/openldap-technical/201208/msg00247.html
(same thread)
Howard Chu :
Sounds like you should file an ITS.
Pierangelo: looking at libldap/request.c and libldap/.open.c, it appears that
request.c:ldap_new_connection() expects open.c:ldap_int_open_connection() to
return -2 on an asynch open, but ldap_int_open_connection() unconditionally
returns 0. This is probably interfering with back-meta's urllist_proc.
--
-- Howard Chu
CTO, Symas Corp.http://www.symas.com
Director, Highland Sunhttp://highlandsun.com/hyc/
Chief Architect, OpenLDAPhttp://www.openldap.org/project/
so I look to the ITS 7372
http://www.openldap.org/its/index.cgi/Incoming?id=7372;selectid=7372
But no answers, and no trace on changelog
it's something wrong in my conf (if so tell me what) and if no can some
of the dev take a look at the problem ?
Thank's and have a good day.
Nicolas