[Samba] ldap passdb failover
James Andrewartha
jamesa at daa.com.au
Wed Jan 11 04:45:46 GMT 2006
Hi,
Does the
passdb backend = ldapsam:"ldap://ldap.daa.com.au ldap://yaminon.daa.com.au",
smbpasswd
syntax actually do proper failover? I have a samba 3.0.9 server on FC2
that's been overheating (our aircon failed), and the ldap server doesn't
start automatically. The logs said:
[2006/01/10 08:55:47, 0] lib/smbldap.c:smbldap_open_connection(678)
Failed to issue the StartTLS instruction: Can't contact LDAP server
Later, doing some testing, I stopped the local (primary) ldap server and
after a little while got this:
[2006/01/11 11:39:02, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1300)
ldapsam_getsampwnam: Unable to locate user [rhiannon] count=0
The backup server does work, because nss_ldap for unix logins fails over
fine (which confused me a little while). Looking at the code:
http://websvn.samba.org/cgi-bin/viewcvs.cgi/tags/release-3-0-9/source/lib/smbldap.c?rev=3781&view=auto
in smbldap_open_connection the URI is parsed manually for the first server
only if HAVE_LDAP_INITIALIZE is unset, meaning there's no failover. I'm
using the FC2 rpm, but "ldap_init failed" isn't in the smbd binary, implying
to me that it was defined at compile time. FWIW the code on the trunk seems
to be pretty much the same.
Anyway, does anyone have a verified working example of ldapsam: with two
ldap servers that does work when the first server is down? Or is it one of
those edge-case, "should work" minor features that just escapes testing?
--
James Andrewartha
Systems Administrator
Data Analysis Australia Pty Ltd
More information about the samba
mailing list