httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Muzammel Asghar <muzammel.li...@gmail.com>
Subject Re: [users@httpd] Apache 2.2 not working with LDAP Fail Over Auth
Date Thu, 07 Jan 2010 19:23:43 GMT
Hi Eric

LDAP Client = apache try to linked with ldap2 if ldap1 fails i submited the
conf in which i use ldap auth for apache

LDAPTrustedMode TLS
LDAPConnectionTimeout 4

<Directory "/var/www/html/test" >


AuthName "Testing Ldap fail over"
AuthType Basic

# The LDAP server(s)
AuthLDAPURL "ldap://ldap1.mydomain.com
ldap2.mydomain.com/dc=mydomain,dc=com?uid??"
AuthBasicProvider ldap
AuthLDAPBindDN "uid=webcon,ou=WebAdmin,dc=mydomain,dc=com"
AuthLDAPBindPassword abxxyz

AuthLDAPGroupAttribute memberUid

Require ldap-group cn=WEBOU,dc=mydomain,dc=com
Order Allow,Deny
Options Indexes FollowSymLinks Multiviews
Allow from All

</Directory>

So my intention towards apache only, other ldap clients like ssh etc are
working fine with ldap fail over.

2) Regarding logs, both apahce error and access logs are not shown any
messaaes when try to connect with ldap2, browser page is still in processing
try to connect ldap2 if ldap1 is goes down.

3) Its not an ldap client issue, its bascially apache ldap client issue
which fails to connect with secondary ldap server when primary goest down,
by using above conf.

So please suggest

On Fri, Jan 8, 2010 at 12:02 AM, Eric Covener <covener@gmail.com> wrote:

> On Thu, Jan 7, 2010 at 1:59 PM, Muzammel Asghar
> <muzammel.linux@gmail.com> wrote:
>
> > So please kindly give suggestions , what i need extra to make ldap fail
> over
> > effective.
>
> What LDAP client is Apache linked with, and how does an ldapsearch
> client behave linked to the same one?
>
> What's the LogLevel debug output during the failure to connect to the
> first host?
>
> Can you try generating extended debug output with the module here:
> http://people.apache.org/~covener/ldap/<http://people.apache.org/%7Ecovener/ldap/>
>
> --
> Eric Covener
> covener@gmail.com
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Mime
View raw message