[CentOS] redundant ldap - client config

Fri Jun 4 19:09:42 UTC 2010
Paul Heinlein <heinlein at madboa.com>

On Fri, 4 Jun 2010, aurfalien at gmail.com wrote:

> Hi all,
>
> I have a few ldap servers slaved to a primary via syncrepl, all is well.
>
> I've set my clients to auth against a few and there /etc/ldap.conf
> looks like so;
>
> uri ldap://primary.domain.com ldap://secondary.domain.com
>
> However when either primary or slaves go down, while the clients can
> log in, access is very slow, ls of any dir is painful.

I've had less than good luck using the "uri" directive with redundant 
servers. I think that "host" is deprecated, but it's worked better for 
me. I also decrease some timelimit settings.

----- %< -----
host ldap1.domain ldap2.domain
bind_timelimit 30
idle_timelimit 120
timelimit 30
----- %< -----

-- 
Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/