LDAP Failover

Dariush Forouher dariush at forouher.de
Thu Jul 17 06:47:20 GMT 2003


Am Mit, 2003-07-16 um 14.35 schrieb Mike Samba:
> I tried this on the general mailing list and it was suggested to me to
> ask the technical list for help on this...
> 
> I have tried samba3-beta1 and beta2 to authenticate against LDAP.  Both
> versions have worked great until I attempt LDAP failover.  In my config,
> if I try:
> 
> 	ldap server = srv1.domain.com
> 
> It works perfect.  So does:
> 
> 	ldap server = srv2.domain.com
> 
> But when I try:
> 
> 	ldap server = srv1.domain.com srv2.domain.com
> 
> This completely halts the authentication process!!  I use ethereal to
> watch the packets and LDAP packets never leave the server with this
> config line.  In debug mode, samba spits back out:
> 
> 	tree connect failed: NT_STATUS_ACCESS_DENIED
> 

we use this with mid-April CVS snapshot:

	passdb backend = ldapsam:"ldap://ldapsrv1 ldap://ldapsrv2"

You could also use something like

	passdb backend = ldapsam:ldap://ldapsrv1 ldapsam:ldap://ldapsrv2

but this way all users would show up twice...

regards
Dariush




More information about the samba-technical mailing list