[Samba] Samba LDAP Failover

Stephan steffo76 at gmx.de
Mon Apr 2 11:12:45 MDT 2012


On 02.04.2012 07:43, Massimiliano Perantoni wrote:
> Hi,
>
>> the distribution is a Debian 6 but I compiled samba myself against a self
>> compiled openldap 2.4.26.
>
> Actually the only difference is the openldap client libraries version,
> I do use 2.3 instead of 2.4, but using getent, as I stated before,
> works...
>
> If I do getent passwd I get, with the failure, the immediate list of
> local users and, after a timeout, I get the users list from the
> secondary LDAP.
> I guess that nscd is working or, at least, the service is up and
> running: never understood how the system decides to use it or
> not...
> For what I know if I disable the service nothing changes, so that I do
> not know if nscd is working or not...
> If I stop the LDAP I get the failover with getent, but I have to wait
> for the timeout set in ldap.conf.

I honestly don't know what's going on there. I just wanted to make sure
that getent is really working and doesn't just look that way because
nscd masks the problem.

I guess your secondary 389 server doesn't show a connection attempt in
the log when you simulate the failure of your first server? You wrote
that you don't use ssl - is this also true in ldap.conf?

>> The passdb backend line doesn't look different
>> than yours (except the server names of course ;-)). You are not running nscd
>> by chance? If so does getent passwd work with a simulated ldap1 failure
>> (via iptables) and nscd shut down?
>
> I get a timeout seconds (actually 5 secs) delay... Then the answer,
> while samba waits for the timeout set in smb.conf then fails.
>
> Bye and thanks!
>
>
>>
>> On 01.04.2012 23:47, Massimiliano Perantoni wrote:
>>
>>> Hi,
>>> could you send me the setup?
>>> Which lines did you add?
>>> Which distro do you run?
>>>
>>> Thanks!
>>>
>>> On 31 March 2012 22:11, Stephan <steffo76 at gmx.de> wrote:
>>>>
>>>> On 31.03.2012 20:56, Steve Thompson wrote:
>>>>
>>>>> On Sat, 31 Mar 2012, Massimiliano Perantoni wrote:
>>>>>
>>>>>> Well, did not try, but guess it happens the same.
>>>>>> Just for completeness, which version of samba did you use for ldap
>>>>>> failover?
>>>>>
>>>>>
>>>>>
>>>>> I was using 3.0.33 at the time, on CentOS 5 x86_64. Not sure which
>>>>> revision of CentOS; it was a while ago.
>>>>>
>>>>> Steve
>>>>
>>>>
>>>>
>>>> My samba 3.5.9 DCs are pointed at a bunch of LDAP servers as well. I just
>>>> tried (shut down the first LDAP server in the list) and it works as
>>>> expected.
>>>>
>>>> Regards
>>>> Stephan
>>>>
>>>> --
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>
>>>
>>>
>>>
>>
>
>
>


