> On 14/08/2012 15:28, [email protected] wrote: >>> On 14/08/2012 14:52, [email protected] wrote: >>> >>>> You are. The above is creating three targets, one pointing to host1, >>>> one >>>> pointing to host2 and one pointing to host3. The rest of the >>>> configuration is associated to the last target, the others are sort of >>>> dangling. A correct configuration for failover would be >>>> >>>> uri ldap://host1:3268/ou=dc1,dc=local >>>> ldap://host2:3268/ >>>> ldap://host3:3268/ >>>> suffixmassage "ou=dc1,dc=local" "dc=example,dc=com" >>>> idassert-bind bindmethod=simple >>>> binddn="cn=proxyuser,dc=example,dc=com" >>>> credentials="password" >>>> idassert-authzfrom "dn.exact:cn=administrator,dc=local" >>>> >>>> Note that URIs other than the first one cannot have the DN part (the >>>> same >>>> of the first URI is assumed). >>> >>> Understood. However in that case the server never attempts to contact >>> host2 or host3 at all. Here's the output from the debug log: >> >> Correct. When host1 is down, host2 is contacted instead, and so forth. > > If I wasn't clear, I changed the config as you suggested. The debug > output I posted was from that configuration. The server never attempts > to contact anything other than host1.
Did you try stopping host1 in between client operations? I did and it works as intended. p.
