Re: Help with complex redundant LDAP setup
Capelle, Mark (PCMC-GB) wrote:
> Now the authentication part is where is becomes complicated.
Nope. Just list "srv1-sitea" and "srv1-siteb" in the authenticate
section. If the server is up (and was used) for the authorize query, it
had better be up for the authentication portion.
> I am sure there is probably an easy way to accomplish this so that for
> each OU ("site") it uses both LDAP servers ("srv1","srv2") in a
> redundant fashion, but how to do it is something I am having a heck of a
> time figuring out.
You do not want to do redundancy AND redundancy. That's redundant.
Just do one level of redundancy, in the "authorize" section. The
correct module will then be picked for the "authenticate" section.
There's no need to set up another level of redundancy.
Alan DeKok.
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.