> On 14/08/2012 14:52, [email protected] wrote: > >> You are. The above is creating three targets, one pointing to host1, >> one >> pointing to host2 and one pointing to host3. The rest of the >> configuration is associated to the last target, the others are sort of >> dangling. A correct configuration for failover would be >> >> uri ldap://host1:3268/ou=dc1,dc=local >> ldap://host2:3268/ >> ldap://host3:3268/ >> suffixmassage "ou=dc1,dc=local" "dc=example,dc=com" >> idassert-bind bindmethod=simple >> binddn="cn=proxyuser,dc=example,dc=com" >> credentials="password" >> idassert-authzfrom "dn.exact:cn=administrator,dc=local" >> >> Note that URIs other than the first one cannot have the DN part (the >> same >> of the first URI is assumed). > > Understood. However in that case the server never attempts to contact > host2 or host3 at all. Here's the output from the debug log:
Correct. When host1 is down, host2 is contacted instead, and so forth. p.
