Hi Kevin,

Most of the LDAP libraries (for sure OpenLDAP, which is what we are using) allow
you to specify multiple redundant LDAP servers in the list separated by spaces.
This works in a failover configuration.  If a query to the first times out, it
goes to the second, then the third, etc.  We actually use three entries, "ldap
ldap1 ldap2".  ldap itself is set up in DNS to round robin to the IPs of ldap1
and ldap2.  This gives us load balancing and failover (albeit at a pretty long
timeout interval if ldap1 is down and the DNS round robin gives the IP address
for ldap1).

Hope this helps,
John Wade 

Quoting "Kevin M. Myer" <[EMAIL PROTECTED]>:

> Hello,
> 
> I'm using the patch that allows LDAP authentication with the SASL libraries.
> Is there a way to specify multiple servers to bind to so that in the event
> that a directory server becomes unavailable, a backup could be used?
> 
> Short of that, what are folks doing in terms of high-availability/redundancy
> for LDAP?  I've thought through scenarios of using heartbeat to determine
> which machines are up and updating DNS accordingly.  I also suppose you could
> do something with a virtual IP address in a similar manner and actually get
> some load balancing out of it too but haven't a clue where to start with
> that.
> 
> So what are you doing with LDAP to make sure it's available all the time?
> 
> This also spills over into postfix for the same reasons:  if the main
> directory server goes down, mail will start to bounce since my virtual maps
> are in LDAP.
> 
> Any thoughts or suggestions would be greatly appreciated.
> 
> Kevin
> 
> -- 
> Kevin M. Myer
> Systems Administrator
> Lancaster-Lebanon Intermediate Unit 13
> (717) 560-6140
> 

John Wade
Director of Systems and Network Services
Oakton Community College
Des Plaines, IL 60016
847-635-2602
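
An added example, not part of the original messages: a small Python model of the "ldap ldap1 ldap2" failover list from the reply above, showing how long a lookup stalls for each DNS round-robin outcome. It assumes the client uses only the first address returned for each name and that each dead address costs one full connect timeout; the IP addresses and the 30-second timeout are constructed sample values.

```python
# Added illustration, not from the original thread. Models the setup described
# above: server list "ldap ldap1 ldap2", with "ldap" a DNS round-robin name.
# Assumptions (not stated in the thread): the client uses only the first
# address returned for each name, and every dead address costs one full
# connect timeout. IPs and the 30 s timeout are constructed sample values.

SERVER_LIST = "ldap ldap1 ldap2".split()
IP1, IP2 = "192.0.2.1", "192.0.2.2"   # constructed addresses for ldap1, ldap2
CONNECT_TIMEOUT = 30                   # seconds, constructed value


def make_resolver(round_robin_first):
    """Return a name -> ordered address list map for one DNS rotation."""
    other = IP2 if round_robin_first == IP1 else IP1
    return {"ldap": [round_robin_first, other], "ldap1": [IP1], "ldap2": [IP2]}


def failover(servers, resolver, down, timeout=CONNECT_TIMEOUT):
    """Walk the list in order; return (name reached or None, seconds lost)."""
    waited = 0
    for name in servers:
        ip = resolver[name][0]          # first address only (assumption)
        if ip in down:
            waited += timeout           # dead host: wait out the timeout
            continue
        return name, waited
    return None, waited


def worst_case(servers, down):
    """Longest delay over both round-robin rotations of the "ldap" name."""
    return max(failover(servers, make_resolver(first), down)[1]
               for first in (IP1, IP2))


if __name__ == "__main__":
    for label, down in (("ldap1 down", {IP1}), ("ldap2 down", {IP2}),
                        ("both down", {IP1, IP2})):
        for first in (IP1, IP2):
            reached, lost = failover(SERVER_LIST, make_resolver(first), down)
            print(f"{label:11} rr->{first}: reached={reached} delay={lost}s")
        print(f"{label:11} worst case: {worst_case(SERVER_LIST, down)}s")
```

Under these assumptions the list is asymmetric: losing ldap1 can cost two timeouts (the round-robin name and then ldap1 itself) before ldap2 answers, while losing ldap2 costs at most one.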
