I’m setting up (Open)LDAP on my old Newton installation (and no, I’m *NOT* upgrading!! Last time I did that, it took me two, three months to get back to a somewhat-working state), with the LDAP servers behind a HAProxy LB.
I’m trying to have one at a time enabled to see if I can get them working individually before I try them as a whole/group.. I tried all day yesterday, and I could do the initial connection, but not get any results - “can’t contact ldap server”. I see the connection in the logs, but don’t get any results back. Now, first thing I did this morning was to just run the exact same command (kinit && ldapwhoami) that I did last night. AND IT WORKED!! No idea why! It shouldn’t have. Glad it did, but since I can’t explain WHY it worked, it’s annoying!! :) So I then disabled that (working) LDAP server in the LB member list and enabled the second. And now that is experiencing the same problem as the first yesterday… I didn’t change anything else - last thing I did before I went to bed last night was try the ldapwhoami command -> “can’t contact ldap server”. And the very first thing I did this morning was kdestroy my ticket, get a new one and then run ldapwhoami. I’ve run with multiple types of debugging, but there’s nothing obvious (I’m quite knowledgeable about LDAP so know how to debug THAT, but not OS/HAProxy). So … “something” internally in OS changed. Any suggestions to what or how to debug this?
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : [email protected] Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
