[CentOS] apache mod_authnz_ldap: multiple servers syntaxes
kadafax at gmail.com
Wed Jul 18 13:58:19 UTC 2007
Thanks Jim for your answer:
Jim Perrin wrote:
> On 7/18/07, kfx <kadafax at gmail.com> wrote:
>> I'm trying this here first before moving to the apache list. Maybe
>> someone of you use mod_authnz_ldap with multiple ldap servers
>> declaration for redundancy.
> I'm not certain that you can do this with multiple servers. You might
> consider looking at the mod_ldap connection pooling functions for
> better performance.
>> With one server declared it is working.
>> Here is what I've tried for adding another one (space separated as read
>> in the apache's doc) :
>> Syntax error on line 43 of /etc/httpd/conf.d/trac.conf:
>> Invalid LDAP connection mode setting: must be one of NONE, SSL, or
> You're getting this because technically your syntax is wrong. There
> are a couple separate parts to the AuthLDAPUrl string, one of which is
> a security directive which follows the url. For example, I use
> something like:
> AuthLDAPUrl "ldaps://my.server.here/ou=foo,ou=bar, o=u.s, c=us?cn" SSL
> The ssl specifies the security for the url in addition to the 'ldaps'.
> It's not documented overly well in my opinion.
--> no indications on more than one ldap servers declaration
The name/port of the ldap server (defaults to |localhost:389| for
|ldap|, and |localhost:636| for |ldaps|). To specify multiple, redundant
LDAP servers, just list all servers, separated by spaces.
<http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html>| will try
connecting to each server in turn, until it makes a successful connection."
That's what I'm trying to do, with no result...
How do you people achieve redundancy on LDAP based web authentication ?
More information about the CentOS