-----Ursprüngliche Nachricht----- An: openldap-technical@openldap.org; Von: Liam Gretton liam.gretton@leicester.ac.uk Gesendet: Di 14.08.2012 15:18 Betreff: slapd-meta doesn't continue with multiple uri's
I've been trying to get slapd-meta to failover using multiple URIs but can't get it to work.
Initially I was using 2.4.26, but having seen the report in ITS#7050 I've now built 2.4.32 but the problem is still there as far as I can tell. This bug was quashed in 2.4.29 according to the change log.
In the example below, if host1 is not contactable at the point a search is performed, host2 will be contacted and the result returned correctly but ldapsearch then hangs indefinitely and the server's debug (level 1) output spews the following messages endlessly:
ldap_sasl_bind ldap_send_initial_request ldap_int_poll: fd: 10 tm: 0 502a4634 conn=1001 op=1 <<< meta_search_dobind_init[0]=4 502a4634 conn=1001 op=1 >>> meta_search_dobind_init[0]
Here's the relevant portion of slapd.conf:
database meta suffix dc=local rootdn cn=administrator,dc=local rootpw secret
network-timeout 3
uri ldap://host1:3268/ou=dc1,dc=local uri ldap://host2:3268/ou=dc1,dc=local uri ldap://host3:3268/ou=dc1,dc=local
suffixmassage "ou=dc1,dc=local" "dc=example,dc=com"
idassert-bind bindmethod=simple binddn="cn=proxyuser,dc=example,dc=com" credentials="password"
idassert-authzfrom "dn.exact:cn=administrator,dc=local"
Am I doing something wrong or has the bug described in ITS#7050 crept back in?
-- Liam Gretton liam.gretton@le.ac.uk HPC Architect http://www.le.ac.uk/its IT Services Tel: +44 (0)116 2522254 University of Leicester, University Road Leicestershire LE1 7RH, United Kingdom
Did You ever try
uri "ldap://host1:3268/ou=dc1,dc=local" "ldap://host2:3268" "ldap://host3:3268" ?