> It works, but the Red Hat tools don't create the optimal configuration
> files. The following works in our environment (two LDAP servers, TLS
> required). I set the various timelimit values low to facilitate a
> fairly robust failover:
>
> # /etc/ldap.conf
> #
> # failover doesn't seem to work work using the newer, and
> # recommended, 'uri' directive.
> host ldap1.you.com ldap2.you.com
> port 389
> base dc=you,dc=com
> # encrypt queries over the wire; our servers require it
> ssl start_tls
> tls_checkpeer yes
> tls_cacertdir /etc/openldap/cacerts
> # set time limits fairly low to get benefit of failover
> bind_timelimit 30
> idle_timelimit 120
> timelimit 30
> # eof
It was a routing problem. I was indeed able to add a second ldap server
(off-site), and it worked.
Regardsm
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
