ldapclient server failover?

From: Jeff Wasilko (jeffw@smoe.org)
Date: Mon Feb 02 2004 - 16:16:24 EST


Is anyone using ldapclient for authentication with multiple
LDAP servers? Have you tested failover from one server to another?

We're in the midst of trying to move from NIS+ to LDAP, since Sun has
indicated that NIS+ is on the way out. We're running Solaris 9 with MU4.

We have 2 LDAP servers, with replication from the master to the slave.
Our clients are configured to use both of them. However, we've found that
it takes over 10 minutes for the client to switch from a failed LDAP server
to another.

We escalated this within Sun, and were told that this is how it was
designed. The ldap_cachemgr has to wait for the existing connection
to the failed LDAP server to time out before it will fail over.

While ldap_cachemgr is waiting for the timeout to occur, mail bounces,
logins fail, and cron jobs fail as well.

I'm really shocked that Sun would offer up LDAP as a replacement for
NIS/NIS+ with this known problem.

Has anyone found a workaround for this?

Thanks, and I'll summarize responses back to the list.

-j


