Re: [PacketFence-users] Pakcetfence Cluster AD issue

Mon, 15 Sep 2025 05:40:34 -0700 

Hello Everyone,

Today I configured the slave DB, to try and fix this issue. But when I
break the connection between the clusters I can't login in DC2, I tried
with AD user and local user.

on the master for the slave cluster looks fine:

MariaDB [(none)]> SHOW SLAVE STATUS;
+----------------------------------+-------------+-------------+-------------+---------------+--------------------+---------------------+------------------------------+---------------+-----------------------+------------------+-------------------+-----------------+---------------------+--------------------+------------------------+-------------------------+-----------------------------+------------+------------+--------------+---------------------+-----------------+-----------------+----------------+---------------+--------------------+--------------------+--------------------+-----------------+-------------------+----------------+-----------------------+-------------------------------+---------------+---------------+----------------+----------------+-----------------------------+------------------+----------------+--------------------+------------+-------------------------------------------------+-------------------------+-----------------------------+---------------+-----------+---------------------+--------------------------------------------------------+------------------+--------------------------------+----------------------------+
| Slave_IO_State                   | Master_Host | Master_User |
Master_Port | Connect_Retry | Master_Log_File    | Read_Master_Log_Pos |
Relay_Log_File               | Relay_Log_Pos | Relay_Master_Log_File |
Slave_IO_Running | Slave_SQL_Running | Replicate_Do_DB |
Replicate_Ignore_DB | Replicate_Do_Table | Replicate_Ignore_Table |
Replicate_Wild_Do_Table | Replicate_Wild_Ignore_Table | Last_Errno |
Last_Error | Skip_Counter | Exec_Master_Log_Pos | Relay_Log_Space |
Until_Condition | Until_Log_File | Until_Log_Pos | Master_SSL_Allowed |
Master_SSL_CA_File | Master_SSL_CA_Path | Master_SSL_Cert |
Master_SSL_Cipher | Master_SSL_Key | Seconds_Behind_Master |
Master_SSL_Verify_Server_Cert | Last_IO_Errno | Last_IO_Error |
Last_SQL_Errno | Last_SQL_Error | Replicate_Ignore_Server_Ids |
Master_Server_Id | Master_SSL_Crl | Master_SSL_Crlpath | Using_Gtid |
Gtid_IO_Pos                                     | Replicate_Do_Domain_Ids |
Replicate_Ignore_Domain_Ids | Parallel_Mode | SQL_Delay |
SQL_Remaining_Delay | Slave_SQL_Running_State
 | Slave_DDL_Groups | Slave_Non_Transactional_Groups |
Slave_Transactional_Groups |
+----------------------------------+-------------+-------------+-------------+---------------+--------------------+---------------------+------------------------------+---------------+-----------------------+------------------+-------------------+-----------------+---------------------+--------------------+------------------------+-------------------------+-----------------------------+------------+------------+--------------+---------------------+-----------------+-----------------+----------------+---------------+--------------------+--------------------+--------------------+-----------------+-------------------+----------------+-----------------------+-------------------------------+---------------+---------------+----------------+----------------+-----------------------------+------------------+----------------+--------------------+------------+-------------------------------------------------+-------------------------+-----------------------------+---------------+-----------+---------------------+--------------------------------------------------------+------------------+--------------------------------+----------------------------+
| Waiting for master to send event | 10.58.0.20  | pfcluster   |
 3306 |            60 | mariadb-bin.000834 |                5348 |
BRAFORVM009-relay-bin.000002 |           779 | mariadb-bin.000834    | Yes
             | Yes               |                 |                     |
                   |                        |                         |
                        |          0 |            |            0 |
       5348 |            1094 | None            |                |
    0 | No                 |                    |                    |
            |                   |                |                     0 |
No                            |             0 |               |
 0 |                |                             |                1 |
           |                    | Slave_Pos  |
1-1-156,171573269-1-3751235,171573273-1-6470340 |                         |
                            | optimistic    |         0 |
 NULL | Slave has read all relay log; waiting for more updates |
     0 |                              0 |                          0 |
+----------------------------------+-------------+-------------+-------------+---------------+--------------------+---------------------+------------------------------+---------------+-----------------------+------------------+-------------------+-----------------+---------------------+--------------------+------------------------+-------------------------+-----------------------------+------------+------------+--------------+---------------------+-----------------+-----------------+----------------+---------------+--------------------+--------------------+--------------------+-----------------+-------------------+----------------+-----------------------+-------------------------------+---------------+---------------+----------------+----------------+-----------------------------+------------------+----------------+--------------------+------------+-------------------------------------------------+-------------------------+-----------------------------+---------------+-----------+---------------------+--------------------------------------------------------+------------------+--------------------------------+----------------------------+
1 row in set (0.000 sec)

MariaDB [(none)]>


Em sex., 5 de set. de 2025 às 07:02, Renato Pereira <[email protected]>
escreveu:

> Hello everyone,
>
> We have a packetfence cluster L3 working perfectly with 3 nodes in the
> cloud and 2 onsite, in both there are AD configured ( 2 in each one).
> The local packetfence has priority and I can see it authenticate the users.
>
> In the authentication source I configured the 4 servers and I can
> validate.In the Active Directory Domain if I access each one I can see they
> can join in the domain
> Today we had a problem with the link between the local site and the cloud,
> at this moment the local packetfence couldn't authenticate the users
> locally, during the problem I checked the Active Directory Domain and the
> local servers couldn't join to the domain.
> I checked the local AD servers and I can see the machine accounts.
> After a few minutes, the link was returned and all the servers now are
> working well.
>
> My question is, how can I set my deployment for when the link to the
> primary cluster down the local cluster keeps authentication.
>
>
>
>

_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users






















					Reply via email to