Ldap DNS SRV record support
Alan Buxey
alan.buxey at gmail.com
Wed Oct 11 19:31:22 CEST 2017
Just use an LDAP connection pool - define all 3 servers as a
load-balanced redundant array and then the server will know the state
of all three (and use the ones it can talk to). You probably want to
use a simple template.conf entry for the boilerplate stuff that is the
same for each server. Easy.
alan
On 11 October 2017 at 15:18, Dave Macias <davama at gmail.com> wrote:
> Is it possible for the module to do DNS discovery of the available LDAP
> servers?
>
> I created an SRV record for my LDAP servers which I'm able to resolve.
> # domain amer.nwk.jwm2.net
> _ldap._tcp SRV 0 1 389 my-ldap-server1
> _ldap._tcp SRV 0 2 389 my-ldap-server2
> _ldap._tcp SRV 0 3 389 my-ldap-server3
>
> $ host -t srv _ldap._tcp.amer
> _ldap._tcp.amer.nwk.jwm2.net has SRV record 0 3 389 my-ldap-server3.amer.nwk.jwm2.net.
> _ldap._tcp.amer.nwk.jwm2.net has SRV record 0 2 389 my-ldap-server2.amer.nwk.jwm2.net.
> _ldap._tcp.amer.nwk.jwm2.net has SRV record 0 1 389 my-ldap-server1.amer.nwk.jwm2.net.
>
>
> $ ldapsearch -LLL -H "ldap:///dc%3Damer.nwk.jwm2.net" -b dc=datacom,dc=net -D "cn=manager,dc=datacom,dc=net" -w '<pass>' uid=config
> dn: uid=config,ou=People,dc=datacom,dc=net
> uid: config
> cn: ECR user
> givenName: ECR
> ...
> ...
>
>
> Thanks!
> -dave