httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 49632] mod_authnz_ldap denies users when search is performed at AD root.
Date Wed, 21 Jul 2010 21:42:05 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=49632

--- Comment #2 from Tom McLaughlin <tmclaugh@sdf.lonestar.org> 2010-07-21 17:42:03 EDT
---
Only problem I could see with searching a global catalog is often times the GC
servers are a subset of your DCs.  You may have multiple DCs per site with only
one GC in that site.  From my recollection of AD topology recommendations that
is an advisable setup according to MS.  (It's to balance availability with
replication load.)  For redundancy with mod_authnz_ldap you would end up
pointing to the local site GC and a foreign site's GC instead of just utilizing
the local site DCs.

ref:
http://technet.microsoft.com/en-us/library/cc978012.aspx
http://technet.microsoft.com/en-us/library/cc728188%28WS.10%29.aspx

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message