Bug 12218 - OpenLDAP Multi-Master Replication
Status: CLOSED FIXED
Alias: None
Product: Infrastructure
Classification: Unclassified
Component: ---
Version: unspecified
Hardware: unspecified Unspecified
: Will affect all users Crash
Assignee: Michael Tremer
Reported: 2019-10-24 15:19 UTC by Michael Tremer
Modified: 2021-10-22 17:57 UTC

Description Michael Tremer 2019-10-24 15:19:13 UTC
I tried setting this up today, but no luck. I wasted hours and hours on this.

The TLS connection between auth01 and auth02 comes up now, but there is no Kerberos authentication happening between the two hosts. I do not have any further debug information apart from a SASL error message and that is it.
Comment 1 Peter Müller 2020-12-07 21:18:30 UTC
https://wiki.ipfire.org/devel/telco/2020-12-07

This seems to cause _major_ infrastructure hiccups any time Debian ships an LDAP update requiring a reboot afterwards.
Comment 2 Michael Tremer 2021-10-22 17:57:01 UTC
I consider this solved now.

I set up the second LDAP/Kerberos server which is running on a different hardware host.

Most applications will continue using the first server (which won't be a problem with the little load that we have at the moment) and will fall back to the other one in case they need to.

Both are writable and replicate all changes to each other.