I am looking for some advice and information. I have configured multiple LDAPs in a Mirror-Mode configuration and fronted by OpenLDAP in proxy mode. I understand that the list contained in the DBURI attribute is used to define the backends, and all the proxies are configured with the same list. I understand that first URI in the DbURI attribute will be used unless this fails, in which case it will fall back to the second URI. It will then keep on the second one until that one fails. This seems fine for most failure cases, when all proxies recognise the same failure. If communication fails between one proxy and the one backend LDAP and doesn't affect all proxies, writes will now be directed to different backends from different proxies. Is there some way to keep the proxies in-line or recognise a failure on one proxy and force the others to change. Thanks in advance
Wayne McNaught
I have done some further research and can see in the code that a debug message is generated in the ldap_back_retry function when the proxy can't access the backend server, but this message just shows the priority order of the back ends before the failure and not the new back-end that it is going to communicate with. Can anyone think of a better way to detect which backed the proxy has switched too. Or am I trying to do something crazy that no one else does?
openldap-technical@openldap.org