LDAP and using explicit failover

[domain/LDAP]
id_provider = ldap
auth_provider = ldap
ldap_schema = rfc2307
ldap_uri = ldap://ldapserver-1
ldap_backup_uri = ldap://ldapserver-2,ldap://ldapserver-3,ldap://ldapserver-4
ldap_rfc2307_fallback_to_local_users = true
ldap_search_base = dc=Somedomain,dc=com
ldap_user_search_base = ou=People,dc=Somedomain,dc=com
ldap_group_search_base ou=Group,dc=Somedomain,dc=com
ldap_tls_reqcert = demand
ldap_tls_cacert = /etc/openldap/cacerts/cacert.pem
cache_credentials = true
entry_cache_timeout = 600
enumerate = False
min_id = 100
ldap_network_timeout = 2
ldap_search_timeout = 5
debug_level = 0x0070
debug_microseconds = true

My test is as follows: 
I blocked the clients IP on port 389(using iptable) on ldapserver-1 and ldapserver-2, at which time, client connected to ldapserver-3. I unblocked clients IP on ldapserver-2 and I see that sssd is connects to ldapserver-2. 


Thanks 


On Mon, Sep 22, 2014 at 4:57 PM, Dmitri Pal <dpal@redhat.com> wrote:
On 09/22/2014 07:14 PM, Daniel Jung wrote:
Hi,

from sssd-ldap, 
"After this timeout SSSD will periodically try to reconnect to one of the primary servers. If it succeeds, it will replace the current active (backup) server." 

I am seeing that reconnect is made to other backup servers and not just to primary servers. Quick search on the tickets on backup server didnt find anything. Was this already fixed in the recent version or is this wanted behaviour? 

Running 1.9.2.11 on centos 6.5. 

Thanks 


_______________________________________________
sssd-users mailing list
sssd-users@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users

What back end are you using? IPA, AD, basic LDAP?
Do you configure failover explicitly or use DNS discovery?

A sanitized sssd.conf would help to answer this.  

-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

_______________________________________________
sssd-users mailing list
sssd-users@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users