Also Sprach Birger Toedtmann: > We use SASL1->LDAP in a clusterd HA environment with the LDAP patch > supplied by http://www.surf.org.uk/src/cyrussasl.html which AFAIK does > not support multiple LDAP servers. We are at the moment suggensting > a switch to SASL1->PAM->LDAP, which is not as fast, but will support > multiple LDAP servers the way noted above.
Isn't this supposed to result in sig 11's, because of the use of SASL at multiple layers, which it isn't able to handle? > We would be pleased if someone could implement this feature on a > standard base not by exploiting a "feature" in the current OpenLDAP libs > (which we think wasn't originally intended by the OpenLDAP folks). What do you mean, using multiple A records in round-robin? I think that's required, or at least, recommended behaviour. I don't know exactly how much benefit there is to being able to list multiple servers in a configuration file over being able to list multiple servers in DNS. Perhaps being able to both have their applications; I know if I wanted to take a dead server out of the pool I'd want to be able to do the latter, but if I wanted to test one I'd want to be able to do the former. Kinda just thinking out loud. Maybe I've missed exactly what was being argued over... Wil -- W. Reilly Cooley [EMAIL PROTECTED] Naked Ape Consulting http://nakedape.cc irc.linux.com #orlug,#pdxlug,#lnxs Conscience is a mother-in-law whose visit never ends. -- H. L. Mencken
msg04699/pgp00000.pgp
Description: PGP signature
