Re: Apache 2.2 not working with LDAP Fail Over Auth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi All

Any more discussion and suggestions regarding this thread

can some one use two ldap hosts and successfully test the ldap fail over auth with apache ?

My apache conf which i mentioned is ok or not ?

Please suggest.

On Fri, Jan 8, 2010 at 12:23 AM, Muzammel Asghar <muzammel.linux@xxxxxxxxx> wrote:
Hi Eric

LDAP Client = apache try to linked with ldap2 if ldap1 fails i submited the conf in which i use ldap auth for apache

LDAPTrustedMode TLS
LDAPConnectionTimeout 4

<Directory "/var/www/html/test" >


AuthName "Testing Ldap fail over"
AuthType Basic

# The LDAP server(s)
AuthLDAPURL "ldap://ldap1.mydomain.com ldap2.mydomain.com/dc=mydomain,dc=com?uid??"
AuthBasicProvider ldap
AuthLDAPBindDN "uid=webcon,ou=WebAdmin,dc=mydomain,dc=com"
AuthLDAPBindPassword abxxyz

AuthLDAPGroupAttribute memberUid

Require ldap-group cn=WEBOU,dc=mydomain,dc=com
Order Allow,Deny
Options Indexes FollowSymLinks Multiviews
Allow from All

</Directory>

So my intention towards apache only, other ldap clients like ssh etc are working fine with ldap fail over.

2) Regarding logs, both apahce error and access logs are not shown any messaaes when try to connect with ldap2, browser page is still in processing try to connect ldap2 if ldap1 is goes down.

3) Its not an ldap client issue, its bascially apache ldap client issue which fails to connect with secondary ldap server when primary goest down, by using above conf.

So please suggest


On Fri, Jan 8, 2010 at 12:02 AM, Eric Covener <covener@xxxxxxxxx> wrote:
On Thu, Jan 7, 2010 at 1:59 PM, Muzammel Asghar
<muzammel.linux@xxxxxxxxx> wrote:

> So please kindly give suggestions , what i need extra to make ldap fail over
> effective.

What LDAP client is Apache linked with, and how does an ldapsearch
client behave linked to the same one?

What's the LogLevel debug output during the failure to connect to the
first host?

Can you try generating extended debug output with the module here:
http://people.apache.org/~covener/ldap/

--
Eric Covener
covener@xxxxxxxxx

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux