Apache 2.2 not working with LDAP Fail Over Auth

--0016361643837716f7047c97aa2e
Content-Type: text/plain; charset=ISO-8859-1

hi Guys

I am using apache version Apache/2.2.13 (Unix) on Fedora -11 , and using
ldap as url authentications. I setup my conf in -->
/etc/httpd/conf.d/mydomain.conf with below values

I define only here below the ldap related entries only.


LDAPTrustedMode TLS
LDAPConnectionTimeout 7




AuthName "Testing Ldap fail over"
AuthType Basic

# The LDAP server(s)
AuthLDAPURL "ldap://ldap1.mydomain.com
ldap2.mydomain.com/dc=mydomain,dc=com?uid??"
AuthBasicProvider ldap
AuthLDAPBindDN "uid=webcon,ou=WebAdmin,dc=mydomain,dc=com"
AuthLDAPBindPassword abxxyz

AuthLDAPGroupAttribute memberUid

Require ldap-group cn=WEBOU,dc=mydomain,dc=com
Order Allow,Deny
Options Indexes FollowSymLinks Multiviews
Allow from All




So its working when primary ldap1 server is up but for testing i down the
ldap1 and then do check, so apache not forwarded the auth request to ldap2.
I want to immediate ldap failover if primary ldap1 is down so it connects
to ldap2 after just some seconds. For this i can find directive
"LDAPConnectionTimeout" in docs i can try it to define 7 seconds as mention
above in conf, but still it fails to connect with ldap2.

So please kindly give suggestions , what i need extra to make ldap fail over
effective.

--0016361643837716f7047c97aa2e
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

hi Guys



I am using apache version Apache/2.2.13 (Unix) on Fedora -11 , and
using ldap as url authentications. I setup my conf in -->
/etc/httpd/conf.d/mydomain.conf with below values



I define only here below the ldap related entries only.





LDAPTrustedMode TLS

LDAPConnectionTimeout 7



<Directory "/var/www/html/test" >





AuthName "Testing Ldap fail over"

AuthType Basic



# The LDAP server(s)

AuthLDAPURL "ldap://ldap=
1.mydomain.com com?uid?">ldap2.mydomain.com/dc=3Dmydomain,dc=3Dcom?uid??"

AuthBasicProvider ldap

AuthLDAPBindDN "uid=3Dwebcon,ou=3DWebAdmin,dc=3Dmydomain,dc=3D=
com"

AuthLDAPBindPassword abxxyz



AuthLDAPGroupAttribute memberUid



Require ldap-group cn=3DWEBOU,dc=3Dmydomain,dc=3Dcom

Order Allow,Deny

Options Indexes FollowSymLinks Multiviews

Allow from All



</Directory>





So its working when primary ldap1 server is up but for testing i down
the ldap1 and then do check, so apache not forwarded the auth request
to ldap2. I want to immediate ldap failover if
primary ldap1 is down so it connects=A0 to ldap2 after just some
seconds. For this i can find directive "LDAPConnectionTimeout" in=
docs
i can try it to define 7 seconds as mention above in conf, but still it fai=
ls to connect with
ldap2.



So please kindly give suggestions , what i need extra to make ldap fail ove=
r effective.
=09

--0016361643837716f7047c97aa2e--

Re: Apache 2.2 not working with LDAP Fail Over Auth

On Thu, Jan 7, 2010 at 1:59 PM, Muzammel Asghar
wrote:

> So please kindly give suggestions , what i need extra to make ldap fail over
> effective.

What LDAP client is Apache linked with, and how does an ldapsearch
client behave linked to the same one?

What's the LogLevel debug output during the failure to connect to the
first host?

Can you try generating extended debug output with the module here:
http://people.apache.org/~covener/ldap/

--
Eric Covener
covener@gmail.com

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Apache 2.2 not working with LDAP Fail Over Auth

--001485f91ca05bb96a047c9802d2
Content-Type: text/plain; charset=ISO-8859-1

Hi Eric

LDAP Client = apache try to linked with ldap2 if ldap1 fails i submited the
conf in which i use ldap auth for apache

LDAPTrustedMode TLS
LDAPConnectionTimeout 4




AuthName "Testing Ldap fail over"
AuthType Basic

# The LDAP server(s)
AuthLDAPURL "ldap://ldap1.mydomain.com
ldap2.mydomain.com/dc=mydomain,dc=com?uid??"
AuthBasicProvider ldap
AuthLDAPBindDN "uid=webcon,ou=WebAdmin,dc=mydomain,dc=com"
AuthLDAPBindPassword abxxyz

AuthLDAPGroupAttribute memberUid

Require ldap-group cn=WEBOU,dc=mydomain,dc=com
Order Allow,Deny
Options Indexes FollowSymLinks Multiviews
Allow from All



So my intention towards apache only, other ldap clients like ssh etc are
working fine with ldap fail over.

2) Regarding logs, both apahce error and access logs are not shown any
messaaes when try to connect with ldap2, browser page is still in processing
try to connect ldap2 if ldap1 is goes down.

3) Its not an ldap client issue, its bascially apache ldap client issue
which fails to connect with secondary ldap server when primary goest down,
by using above conf.

So please suggest

On Fri, Jan 8, 2010 at 12:02 AM, Eric Covener wrote:

> On Thu, Jan 7, 2010 at 1:59 PM, Muzammel Asghar
> wrote:
>
> > So please kindly give suggestions , what i need extra to make ldap fail
> over
> > effective.
>
> What LDAP client is Apache linked with, and how does an ldapsearch
> client behave linked to the same one?
>
> What's the LogLevel debug output during the failure to connect to the
> first host?
>
> Can you try generating extended debug output with the module here:
> http://people.apache.org/~covener/ldap/
>
> --
> Eric Covener
> covener@gmail.com
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

--001485f91ca05bb96a047c9802d2
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi Eric

LDAP Client =3D apache try to linked with ldap2 if ldap1 fai=
ls i submited the conf in which i use ldap auth for apache

LDAPTrus=
tedMode TLS

LDAPConnectionTimeout 4



<Directory "/var/www/html/test" >





AuthName "Testing Ldap fail over"

AuthType Basic



# The LDAP server(s)

AuthLDAPURL "ldap://ldap=
1.mydomain.com com?uid?">ldap2.mydomain.com/dc=3Dmydomain,dc=3Dcom?uid??"

AuthBasicProvider ldap

AuthLDAPBindDN "uid=3Dwebcon,ou=3DWebAdmin,dc=3Dmydomain,dc=3D=
com"

AuthLDAPBindPassword abxxyz



AuthLDAPGroupAttribute memberUid



Require ldap-group cn=3DWEBOU,dc=3Dmydomain,dc=3Dcom

Order Allow,Deny

Options Indexes FollowSymLinks Multiviews

Allow from All



</Directory>

So my intention towards apache only, othe=
r ldap clients like ssh etc are working fine with ldap fail over.

2)=
Regarding logs, both apahce error and access logs are not shown any messaa=
es when try to connect with ldap2, browser page is still in processing try =
to connect ldap2 if ldap1 is goes down.


3) Its not an ldap client issue, its bascially apache ldap client issue=
which fails to connect with secondary ldap server when primary goest down,=
by using above conf.

So please suggest

Re: Apache 2.2 not working with LDAP Fail Over Auth

--0016361e7d84a7956b047caaa173
Content-Type: text/plain; charset=ISO-8859-1

Hi All

Any more discussion and suggestions regarding this thread

can some one use two ldap hosts and successfully test the ldap fail over
auth with apache ?

My apache conf which i mentioned is ok or not ?

Please suggest.

On Fri, Jan 8, 2010 at 12:23 AM, Muzammel Asghar
wrote:

> Hi Eric
>
> LDAP Client = apache try to linked with ldap2 if ldap1 fails i submited the
> conf in which i use ldap auth for apache
>
> LDAPTrustedMode TLS
> LDAPConnectionTimeout 4
>
>
>
>
> AuthName "Testing Ldap fail over"
> AuthType Basic
>
> # The LDAP server(s)
> AuthLDAPURL "ldap://ldap1.mydomain.com
> ldap2.mydomain.com/dc=mydomain,dc=com?uid??"
> AuthBasicProvider ldap
> AuthLDAPBindDN "uid=webcon,ou=WebAdmin,dc=mydomain,dc=com"
> AuthLDAPBindPassword abxxyz
>
> AuthLDAPGroupAttribute memberUid
>
> Require ldap-group cn=WEBOU,dc=mydomain,dc=com
> Order Allow,Deny
> Options Indexes FollowSymLinks Multiviews
> Allow from All
>
>
>
> So my intention towards apache only, other ldap clients like ssh etc are
> working fine with ldap fail over.
>
> 2) Regarding logs, both apahce error and access logs are not shown any
> messaaes when try to connect with ldap2, browser page is still in processing
> try to connect ldap2 if ldap1 is goes down.
>
> 3) Its not an ldap client issue, its bascially apache ldap client issue
> which fails to connect with secondary ldap server when primary goest down,
> by using above conf.
>
> So please suggest
>
>
> On Fri, Jan 8, 2010 at 12:02 AM, Eric Covener wrote:
>
>> On Thu, Jan 7, 2010 at 1:59 PM, Muzammel Asghar
>> wrote:
>>
>> > So please kindly give suggestions , what i need extra to make ldap fail
>> over
>> > effective.
>>
>> What LDAP client is Apache linked with, and how does an ldapsearch
>> client behave linked to the same one?
>>
>> What's the LogLevel debug output during the failure to connect to the
>> first host?
>>
>> Can you try generating extended debug output with the module here:
>> http://people.apache.org/~covener/ldap/
>>
>> --
>> Eric Covener
>> covener@gmail.com
>>
>> ------------------------------------------------------------ ---------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>

--0016361e7d84a7956b047caaa173
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi All

Any more discussion and suggestions regarding this thread
=

can some one use two ldap hosts and successfully test the ldap fail ove=
r auth with apache ?

My apache conf which i mentioned is ok or not ?=



Please suggest.

Re: Apache 2.2 not working with LDAP Fail Over Auth

On Fri, Jan 8, 2010 at 12:36 PM, Muzammel Asghar
wrote:
> Hi All
>
> Any more discussion and suggestions regarding this thread
>
> can some one use two ldap hosts and successfully test the ldap fail over
> auth with apache ?

Works for me. I couldn't understand any of your attempts to answer
the questions that were asked.

--
Eric Covener
covener@gmail.com

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Apache 2.2 not working with LDAP Fail Over Auth

--0016361e8906a2ca6f047caaebf4
Content-Type: text/plain; charset=ISO-8859-1

Hi

Thanks Erics, now i mention the conf section which i configure for ldap fail
over auth, you can please check and tell its ok or not, becuase its not
currently working with ldap fail over.

I can setup this file in my --> /etc/httpd/conf.d/ldaptest.config

I define only here below the ldap related entries only.


LDAPTrustedMode TLS
LDAPConnectionTimeout 4




AuthName "Testing Ldap fail over"
AuthType Basic

# The LDAP server(s)
AuthLDAPURL "ldap://ldap1.mydomain.com
ldap2.mydomain.com/dc=mydomain,dc=com?uid??"
AuthBasicProvider ldap
AuthLDAPBindDN "uid=webcon,ou=WebAdmin,dc=mydomain,dc=com"
AuthLDAPBindPassword abxxyz

AuthLDAPGroupAttribute memberUid

Require ldap-group cn=WEBOU,dc=mydomain,dc=com
Order Allow,Deny
Options Indexes FollowSymLinks Multiviews
Allow from All



Kindly suggest please , what i missed for fail over.


On Fri, Jan 8, 2010 at 10:48 PM, Eric Covener wrote:

> On Fri, Jan 8, 2010 at 12:36 PM, Muzammel Asghar
> wrote:
> > Hi All
> >
> > Any more discussion and suggestions regarding this thread
> >
> > can some one use two ldap hosts and successfully test the ldap fail over
> > auth with apache ?
>
> Works for me. I couldn't understand any of your attempts to answer
> the questions that were asked.
>
> --
> Eric Covener
> covener@gmail.com
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

--0016361e8906a2ca6f047caaebf4
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi

Thanks Erics, now i mention the conf section which i configure f=
or ldap fail over auth, you can please check and tell its ok or not, becuas=
e its not currently working with ldap fail over.

I can setup this fi=
le in my --> /etc/httpd/conf.d/ldaptest.config


I define only here below the ldap related entries only.





LDAPTrustedMode TLS

LDAPConnectionTimeout 4



<Directory "/var/www/html/test" >





AuthName "Testing Ldap fail over"

AuthType Basic



# The LDAP server(s)

AuthLDAPURL "ldap://ldap=
1.mydomain.com com?uid?">ldap2.mydomain.com/dc=3Dmydomain,dc=3Dcom?uid??"

AuthBasicProvider ldap

AuthLDAPBindDN "uid=3Dwebcon,ou=3DWebAdmin,dc=3Dmydomain,dc=3D=
com"

AuthLDAPBindPassword abxxyz



AuthLDAPGroupAttribute memberUid



Require ldap-group cn=3DWEBOU,dc=3Dmydomain,dc=3Dcom

Order Allow,Deny

Options Indexes FollowSymLinks Multiviews

Allow from All



</Directory>


Kindly suggest please , what i missed for fail over.

Re: Apache 2.2 not working with LDAP Fail Over Auth

On Fri, Jan 8, 2010 at 12:57 PM, Muzammel Asghar
wrote:
> Hi
>
> Thanks Erics, now i mention the conf section which i configure for ldap fail
> over auth, you can please check and tell its ok or not, becuase its not
> currently working with ldap fail over.

That is all handled by the LDAP library, not Apache. What's going on
at the network level? What does your LogLevel debug errorlog say? Did
you try the debug moduel I posted in the first followup?

--
Eric Covener
covener@gmail.com

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Apache 2.2 not working with LDAP Fail Over Auth

--0016e64711befe6368047cab0a09
Content-Type: text/plain; charset=ISO-8859-1

Hi

Thanks Eric, currently ldap is running fine, i can use ssh and ftp auth with
ldap also, its working f9 and also with ldap fail over auth.

Now in apache case, its also working f9 with ldap1 but when ldap1 goes down,
its not forward request to ldap2, this problem is for apache only, other
ldap clients are working f9, so i think its apache problem, so that's why i
submiteed my conf. please suggest.


On Fri, Jan 8, 2010 at 11:00 PM, Eric Covener wrote:

> On Fri, Jan 8, 2010 at 12:57 PM, Muzammel Asghar
> wrote:
> > Hi
> >
> > Thanks Erics, now i mention the conf section which i configure for ldap
> fail
> > over auth, you can please check and tell its ok or not, becuase its not
> > currently working with ldap fail over.
>
> That is all handled by the LDAP library, not Apache. What's going on
> at the network level? What does your LogLevel debug errorlog say? Did
> you try the debug moduel I posted in the first followup?
>
> --
> Eric Covener
> covener@gmail.com
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

--0016e64711befe6368047cab0a09
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi

Thanks Eric, currently ldap is running fine, i can use ssh and ft=
p auth with ldap also, its working f9 and also with ldap fail over auth. >
Now in apache case, its also working f9 with ldap1 but when ldap1 goes=
down, its not forward request to ldap2, this problem is for apache only, o=
ther ldap clients are working f9, so i think its apache problem, so that=
9;s why i submiteed my conf. please suggest.

Re: Apache 2.2 not working with LDAP Fail Over Auth

--0016361e7a6649443c047cac692d
Content-Type: text/plain; charset=ISO-8859-1

Hi Eric

Kindly send ur sample apache conf for ldap fail over auth so i can compare
my values with it. or please suggest how to make it effective.

Thanks

On Fri, Jan 8, 2010 at 11:06 PM, Muzammel Asghar
wrote:

> Hi
>
> Thanks Eric, currently ldap is running fine, i can use ssh and ftp auth
> with ldap also, its working f9 and also with ldap fail over auth.
>
> Now in apache case, its also working f9 with ldap1 but when ldap1 goes
> down, its not forward request to ldap2, this problem is for apache only,
> other ldap clients are working f9, so i think its apache problem, so that's
> why i submiteed my conf. please suggest.
>
>
>
> On Fri, Jan 8, 2010 at 11:00 PM, Eric Covener wrote:
>
>> On Fri, Jan 8, 2010 at 12:57 PM, Muzammel Asghar
>> wrote:
>> > Hi
>> >
>> > Thanks Erics, now i mention the conf section which i configure for ldap
>> fail
>> > over auth, you can please check and tell its ok or not, becuase its not
>> > currently working with ldap fail over.
>>
>> That is all handled by the LDAP library, not Apache. What's going on
>> at the network level? What does your LogLevel debug errorlog say? Did
>> you try the debug moduel I posted in the first followup?
>>
>> --
>> Eric Covener
>> covener@gmail.com
>>
>> ------------------------------------------------------------ ---------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>

--0016361e7a6649443c047cac692d
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi Eric

Kindly send ur sample apache conf for ldap fail over auth so=
i can compare my values with it. or please suggest how to make it effectiv=
e.

Thanks

Re: Apache 2.2 not working with LDAP Fail Over Auth

--001636284f74fdb647047cadfe21
Content-Type: text/plain; charset=ISO-8859-1

Guys if any one successfully implement ldap fail over auth with apache then
please give suggestions, as i think its the right mailling list from where i
can put questions and need feedbacks.

Thanks

On Sat, Jan 9, 2010 at 12:44 AM, Muzammel Asghar
wrote:

> Hi Eric
>
> Kindly send ur sample apache conf for ldap fail over auth so i can compare
> my values with it. or please suggest how to make it effective.
>
> Thanks
>
>
> On Fri, Jan 8, 2010 at 11:06 PM, Muzammel Asghar > > wrote:
>
>> Hi
>>
>> Thanks Eric, currently ldap is running fine, i can use ssh and ftp auth
>> with ldap also, its working f9 and also with ldap fail over auth.
>>
>> Now in apache case, its also working f9 with ldap1 but when ldap1 goes
>> down, its not forward request to ldap2, this problem is for apache only,
>> other ldap clients are working f9, so i think its apache problem, so that's
>> why i submiteed my conf. please suggest.
>>
>>
>>
>> On Fri, Jan 8, 2010 at 11:00 PM, Eric Covener wrote:
>>
>>> On Fri, Jan 8, 2010 at 12:57 PM, Muzammel Asghar
>>> wrote:
>>> > Hi
>>> >
>>> > Thanks Erics, now i mention the conf section which i configure for ldap
>>> fail
>>> > over auth, you can please check and tell its ok or not, becuase its not
>>> > currently working with ldap fail over.
>>>
>>> That is all handled by the LDAP library, not Apache. What's going on
>>> at the network level? What does your LogLevel debug errorlog say? Did
>>> you try the debug moduel I posted in the first followup?
>>>
>>> --
>>> Eric Covener
>>> covener@gmail.com
>>>
>>> ------------------------------------------------------------ ---------
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project.
>>> See for more info.
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>
>

--001636284f74fdb647047cadfe21
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Guys if any one successfully implement ldap fail over auth with apache then=
please give suggestions, as i think its the right mailling list from where=
i can put questions and need feedbacks.

Thanks

Re: Apache 2.2 not working with LDAP Fail Over Auth

--0014853a76b64e66ba047cbba0e4
Content-Type: text/plain; charset=ISO-8859-1

Hi Eric and other Guys

I just want to clarify one more.

Fail over cases

Case 1) If ldap1 server is unreachable (in case of ISP down or internet link
down)

Case 2) If ldap1 server is up and accessible and running but ldap service is
not running only.

I can check thoroughly, Apache failover works only in Case 2 only, i need a
also it works with case 1, but if primary ldap1 is down as mentioned in case 1
then its apache still trying to connect with ldap1 not forward request to
ldap2.

I hope now you can understand my problem, Please suggest.



On Sat, Jan 9, 2010 at 2:37 AM, Muzammel Asghar wrote:

> Guys if any one successfully implement ldap fail over auth with apache then
> please give suggestions, as i think its the right mailling list from where i
> can put questions and need feedbacks.
>
> Thanks
>
>
> On Sat, Jan 9, 2010 at 12:44 AM, Muzammel Asghar > > wrote:
>
>> Hi Eric
>>
>> Kindly send ur sample apache conf for ldap fail over auth so i can compare
>> my values with it. or please suggest how to make it effective.
>>
>> Thanks
>>
>>
>> On Fri, Jan 8, 2010 at 11:06 PM, Muzammel Asghar <
>> muzammel.linux@gmail.com> wrote:
>>
>>> Hi
>>>
>>> Thanks Eric, currently ldap is running fine, i can use ssh and ftp auth
>>> with ldap also, its working f9 and also with ldap fail over auth.
>>>
>>> Now in apache case, its also working f9 with ldap1 but when ldap1 goes
>>> down, its not forward request to ldap2, this problem is for apache only,
>>> other ldap clients are working f9, so i think its apache problem, so that's
>>> why i submiteed my conf. please suggest.
>>>
>>>
>>>
>>> On Fri, Jan 8, 2010 at 11:00 PM, Eric Covener wrote:
>>>
>>>> On Fri, Jan 8, 2010 at 12:57 PM, Muzammel Asghar
>>>> wrote:
>>>> > Hi
>>>> >
>>>> > Thanks Erics, now i mention the conf section which i configure for
>>>> ldap fail
>>>> > over auth, you can please check and tell its ok or not, becuase its
>>>> not
>>>> > currently working with ldap fail over.
>>>>
>>>> That is all handled by the LDAP library, not Apache. What's going on
>>>> at the network level? What does your LogLevel debug errorlog say? Did
>>>> you try the debug moduel I posted in the first followup?
>>>>
>>>> --
>>>> Eric Covener
>>>> covener@gmail.com
>>>>
>>>> ------------------------------------------------------------ ---------
>>>> The official User-To-User support forum of the Apache HTTP Server
>>>> Project.
>>>> See for more info.
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>>
>>>
>>
>

--0014853a76b64e66ba047cbba0e4
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi Eric and other Guys=



I just want to clarify one more. 

Fail over cases

Cas=

e 1) If ldap1 server is unreachable (in case of ISP down or internet link
r>

down)

Case 2) If ldap1 server is up and accessible and running but l=

dap service is
not running only.

I can check thoroughly, Apache f=

ailover works only in Case 2 only, i need a
also it works with case 1, b=

ut if primary ldap1 is down as mentioned in case 1


then its apache still trying to connect with ldap1 not forward request to
r>ldap2.

I hope now you can understand my problem, Please suggest.  =

  

Re: Apache 2.2 not working with LDAP Fail Over Auth

On Sat, Jan 9, 2010 at 8:53 AM, Muzammel Asghar
wrote:
> Hi Eric and other Guys
>
> I just want to clarify one more.
>
> Fail over cases
>
> Case 1) If ldap1 server is unreachable (in case of ISP down or internet link
>
> down)
>
> Case 2) If ldap1 server is up and accessible and running but ldap service is
> not running only.

Apache tells the LDAP library the timeout you've specified, and passes
the two hostnames to the LDAP library unmodified. The LDAP library is
the one that has to understand the meaning of providing the two
hostnames, and when/how to fail over.

Perhaps your Apache is linked with a different library then the other
software on your system if the other software handles both cases.
pmap or lsof or fuser will tell you what LDAP library is loaded by the
different pieces of software at runtime.

The debug library I linked to in my first response might provide
additional messages from the LDAP library itself, but since you
haven't even included the LogLevel debug messages from Apache after 8
emails on the subject, that might be asking a lot.


--
Eric Covener
covener@gmail.com

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Apache 2.2 not working with LDAP Fail Over Auth

--0016361e7cf4bc6c7d047cc0ae83
Content-Type: text/plain; charset=ISO-8859-1

Right thanks, i check late this email, i have started the apache in debug
mode but no logs comes in error and access logs, let me verify again and
then update you.

so much thanks, i will update you.



On Sat, Jan 9, 2010 at 8:50 PM, Eric Covener wrote:

> On Sat, Jan 9, 2010 at 8:53 AM, Muzammel Asghar
> wrote:
> > Hi Eric and other Guys
> >
> > I just want to clarify one more.
> >
> > Fail over cases
> >
> > Case 1) If ldap1 server is unreachable (in case of ISP down or internet
> link
> >
> > down)
> >
> > Case 2) If ldap1 server is up and accessible and running but ldap service
> is
> > not running only.
>
> Apache tells the LDAP library the timeout you've specified, and passes
> the two hostnames to the LDAP library unmodified. The LDAP library is
> the one that has to understand the meaning of providing the two
> hostnames, and when/how to fail over.
>
> Perhaps your Apache is linked with a different library then the other
> software on your system if the other software handles both cases.
> pmap or lsof or fuser will tell you what LDAP library is loaded by the
> different pieces of software at runtime.
>
> The debug library I linked to in my first response might provide
> additional messages from the LDAP library itself, but since you
> haven't even included the LogLevel debug messages from Apache after 8
> emails on the subject, that might be asking a lot.
>
>
> --
> Eric Covener
> covener@gmail.com
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

--0016361e7cf4bc6c7d047cc0ae83
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Right thanks, i check late this email, i have started the apache in debug m=
ode but no logs comes in error and access logs, let me verify again and the=
n update you.

so much thanks, i will update you.



class=3D"gmail_quote">
On Sat, Jan 9, 2010 at 8:50 PM, Eric Covener < =3D"mailto:covener@gmail.com">covener@gmail.com> wrote:
lockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, 20=
4, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On Sat, Jan 9, 2010 at 8:53 AM, Muzammel Asghar

Re: Apache 2.2 not working with LDAP Fail Over Auth

--0016361e7cf48385d7047cc0f0bd
Content-Type: text/plain; charset=ISO-8859-1

Hi Eric

Below comes in apache debug logs when primary ldap1 is unreachable or down.

[Sat Jan 09 20:05:58 2010] [debug] proxy_util.c(1806): proxy: grabbed
scoreboard slot 0 in child 22152 for worker proxy:reverse
[Sat Jan 09 20:05:58 2010] [debug] proxy_util.c(1825): proxy: worker
proxy:reverse already initialized
[Sat Jan 09 20:05:58 2010] [debug] proxy_util.c(1922): proxy: initialized
single connection worker 0 in child 22152 for (*)

Please suggest

On Sun, Jan 10, 2010 at 12:55 AM, Muzammel Asghar
wrote:

> Right thanks, i check late this email, i have started the apache in debug
> mode but no logs comes in error and access logs, let me verify again and
> then update you.
>
> so much thanks, i will update you.
>
>
>
>
> On Sat, Jan 9, 2010 at 8:50 PM, Eric Covener wrote:
>
>> On Sat, Jan 9, 2010 at 8:53 AM, Muzammel Asghar
>> wrote:
>> > Hi Eric and other Guys
>> >
>> > I just want to clarify one more.
>> >
>> > Fail over cases
>> >
>> > Case 1) If ldap1 server is unreachable (in case of ISP down or internet
>> link
>> >
>> > down)
>> >
>> > Case 2) If ldap1 server is up and accessible and running but ldap
>> service is
>> > not running only.
>>
>> Apache tells the LDAP library the timeout you've specified, and passes
>> the two hostnames to the LDAP library unmodified. The LDAP library is
>> the one that has to understand the meaning of providing the two
>> hostnames, and when/how to fail over.
>>
>> Perhaps your Apache is linked with a different library then the other
>> software on your system if the other software handles both cases.
>> pmap or lsof or fuser will tell you what LDAP library is loaded by the
>> different pieces of software at runtime.
>>
>> The debug library I linked to in my first response might provide
>> additional messages from the LDAP library itself, but since you
>> haven't even included the LogLevel debug messages from Apache after 8
>> emails on the subject, that might be asking a lot.
>>
>>
>> --
>> Eric Covener
>> covener@gmail.com
>>
>> ------------------------------------------------------------ ---------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See for more info.
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>

--0016361e7cf48385d7047cc0f0bd
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi Eric

Below comes in apache debug logs when primary ldap1 is unrea=
chable or down.

[Sat Jan 09 20:05:58 2010] [debug] proxy_util.c(1806=
): proxy: grabbed scoreboard slot 0 in child 22152 for worker proxy:reverse=


[Sat Jan 09 20:05:58 2010] [debug] proxy_util.c(1825): proxy: worker proxy:=
reverse already initialized
[Sat Jan 09 20:05:58 2010] [debug] proxy_uti=
l.c(1922): proxy: initialized single connection worker 0 in child 22152 for=
(*)


Please suggest

Re: Apache 2.2 not working with LDAP Fail Over Auth

--001485f8778aa89020047cc12bc6
Content-Type: text/plain; charset=ISO-8859-1

HI Eric

I can close browser and access url again but this time no error comes in
error log file in debugging mode, but my request url is currently still in
processing and apache is trying to seek ldap1.

Muzi

On Sun, Jan 10, 2010 at 1:13 AM, Muzammel Asghar
wrote:

> Hi Eric
>
> Below comes in apache debug logs when primary ldap1 is unreachable or down.
>
> [Sat Jan 09 20:05:58 2010] [debug] proxy_util.c(1806): proxy: grabbed
> scoreboard slot 0 in child 22152 for worker proxy:reverse
> [Sat Jan 09 20:05:58 2010] [debug] proxy_util.c(1825): proxy: worker
> proxy:reverse already initialized
> [Sat Jan 09 20:05:58 2010] [debug] proxy_util.c(1922): proxy: initialized
> single connection worker 0 in child 22152 for (*)
>
> Please suggest
>
>
> On Sun, Jan 10, 2010 at 12:55 AM, Muzammel Asghar <
> muzammel.linux@gmail.com> wrote:
>
>> Right thanks, i check late this email, i have started the apache in debug
>> mode but no logs comes in error and access logs, let me verify again and
>> then update you.
>>
>> so much thanks, i will update you.
>>
>>
>>
>>
>> On Sat, Jan 9, 2010 at 8:50 PM, Eric Covener wrote:
>>
>>> On Sat, Jan 9, 2010 at 8:53 AM, Muzammel Asghar
>>> wrote:
>>> > Hi Eric and other Guys
>>> >
>>> > I just want to clarify one more.
>>> >
>>> > Fail over cases
>>> >
>>> > Case 1) If ldap1 server is unreachable (in case of ISP down or internet
>>> link
>>> >
>>> > down)
>>> >
>>> > Case 2) If ldap1 server is up and accessible and running but ldap
>>> service is
>>> > not running only.
>>>
>>> Apache tells the LDAP library the timeout you've specified, and passes
>>> the two hostnames to the LDAP library unmodified. The LDAP library is
>>> the one that has to understand the meaning of providing the two
>>> hostnames, and when/how to fail over.
>>>
>>> Perhaps your Apache is linked with a different library then the other
>>> software on your system if the other software handles both cases.
>>> pmap or lsof or fuser will tell you what LDAP library is loaded by the
>>> different pieces of software at runtime.
>>>
>>> The debug library I linked to in my first response might provide
>>> additional messages from the LDAP library itself, but since you
>>> haven't even included the LogLevel debug messages from Apache after 8
>>> emails on the subject, that might be asking a lot.
>>>
>>>
>>> --
>>> Eric Covener
>>> covener@gmail.com
>>>
>>> ------------------------------------------------------------ ---------
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project.
>>> See for more info.
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> " from the digest: users-digest-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>
>

--001485f8778aa89020047cc12bc6
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

HI Eric

I can close browser and access url again but this time no er=
ror comes in error log file in debugging mode, but my request url is curren=
tly still in processing and apache is trying to seek ldap1.

Muzi

Re: Apache 2.2 not working with LDAP Fail Over Auth

can you elaborate on the solution you alluded to in the bugzilla? I
am guessing LDAPConnectionTimeout should be configuring a different
option keyword?

What did you change, and where did you change it?

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org