3 Aug
2005
3 Aug
'05
12:08 p.m.
In the authorize stage it looks in both AD and ldap. In the authenticate stage it queries both AD and ldap. The problem is that in the authenticate stage it uses the basedn of the server that returns the first ok in the authorize stage. So if the username is in both AD and ldap, openldap rejects the user because it is using the AD basedn to query the openldap server.
Is there a way for me to force the basedn for the ldap server regardless of which server returned the first ok?
How do you have this setup? Check out doc/configurable_failover. That should show you how to do it.