Christoph G. wrote:
Hi there
Can anyone help me with this one?
I'm stuck and this becomes rather urgent for us.
Any help would be highly appreciated.
Have you tried it with a single hostname that resolves to two IPs?
IFAIK, none of the bundled helpers are designed to do failover to
secondary servers like this.
Amos
Best Regards,
Christoph G.
Christoph G. wrote:
Dear Squid-Users
I tried to figure out, how to setup up my squid auth helpers
to use a second LDAP server if the first one is unreachable.
From several postings on this mailing list I thougth that
squid_ldap_auth and squid_ldap_group which come with the
squid source are able to support this option:
e.g. http://www.squid-cache.org/mail-archive/squid-users/200412/0290.html
And reading the man page also lets me believe that I can just pass
two IP addresses to make it work:
http://linux.die.net/man/8/squid_ldap_auth
---snip---
-h ldapserver
Specify the LDAP server to connect to. Servers (!) can also be
specified last on the command line.
---snap---
So I tried this on the command line:
# squid_ldap_auth -b "dc=some,dc=com" -f "sAC=%s" -D
"cn=ad,ou=Users,dc=some,dc=com" -w "***" -c 2 -t 2 -p 3268 -h
"10.0.0.1 10.0.0.2"
This works fine if the first IP (10.0.0.1) is answering properly to my
LDAP requests but it doesn't if only the second host (10.0.0.2) is
reachable and answering LDAP requests.
Instead I get the following error message:
someone ***
squid_ldap_auth: WARNING, could not bind to binddn 'Can't contact
LDAP server'
ERR Success
I'm using Squid Cache: Version 2.7.STABLE4.
What am I doing wrong?
Best Regards,
Christoph G.
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13
Current Beta Squid 3.1.0.5
