[PVE-User] ldap authentication and fallback server
Jonathan Schaeffer
jonathan.schaeffer at univ-brest.fr
Tue Jan 8 12:21:54 CET 2013
Hi all,
I'm setting up LDAP authentication for Proxmox web UI.
The LDAP host is a VM inside the cluster, so I thought it would be nice
to setup a fallback server.
Done. But the tests are run show that the fallback server is not
contacted when the main LDAP server is not available.
Is it a bug or something I did not understand ?
I'm running PVE 2.1 and this is the setup :
get /access/domains/LDAP_IUEM
200 OK
{
"base_dn" : "ou=people,dc=univ-brest,dc=fr",
"digest" : "592a8f63824979caa2020e37d58bdbbd7ed4e68d",
"server1" : "annuaire-iuem.univ-brest.fr",
"server2" : "annuaire.univ-brest.fr",
"type" : "ldap",
"user_attr" : "uid"
}
- The authentication works OK
- I add an iptable rule to drop traffic to "annuaire-iuem" :
# iptables -I OUTPUT -p tcp -m multiport --dport 389 -d annuaire-iuem
-j DROP
- ldapsearch toward annuaire-iuem does not work (as expected) and
ldapseach toward annuaire works alright
- authentication fails with a timeout
Jonathan
--
IUEM - Service Informatique
rue Dumont D'Urville
Technopôle Brest-Iroise
29280 Plouzané
France
tel: +33 2 98 49 87 94
More information about the pve-user
mailing list