[keycloak-user] multiple ldap servers (failover)

mj lists at merit.unu.edu
Sat Nov 19 13:48:22 EST 2016


Hi Sebastien,

On 11/19/2016 07:28 PM, Sebastien Blanc wrote:
> For LDAP, looks like it must be space separated and comma separated (see
> http://docs.oracle.com/javase/jndi/tutorial/ldap/misc/url.html). I just
> tried with "ldap://localhost:10359 ldap://localhost:10389" (the first
> one is incorrect)
> and when pressing "Test connection" it says "success" so apparently it
> fails over correctly.
Yes, I see that too. See example #1 in my last email. (only difference: 
me: wrong dns name, you: wrong port number)

However, what I'm concerned about is my example #2, where both URLs are 
in fact correct, but only the second one is responding.
(in my case: iptables dropping traffic, but could also be something 
else, like malfunctioning ldap server)

The result of this seems to be that things NO LONGER work (a timeout). 
At least in my testing...

Do you not see that?

MJ
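
The two cases compared in this thread (a URL that fails at once versus a server that silently drops traffic) can be told apart by probing each URL of the space-separated list with a bounded TCP connect. This is an added example, not part of the original message and not Keycloak code; the function name `probe_ldap_urls` and the 2-second default timeout are assumptions, and it checks TCP reachability only, not an LDAP bind.

```python
import socket
import time
from urllib.parse import urlsplit


def probe_ldap_urls(url_list, connect_timeout=2.0):
    """Try each URL of a space-separated list in order, as a failover client would.

    Returns (first_reachable_url_or_None, [(url, outcome, seconds), ...]).
    """
    results = []
    for url in url_list.split():
        parts = urlsplit(url)
        port = parts.port or (636 if parts.scheme == "ldaps" else 389)
        start = time.monotonic()
        try:
            with socket.create_connection((parts.hostname, port),
                                          timeout=connect_timeout):
                outcome = "ok"
        except socket.timeout:
            # Packets dropped (e.g. by iptables DROP): no answer ever arrives,
            # so the caller waits the full timeout before moving on.
            outcome = "timeout"
        except ConnectionRefusedError:
            # Closed port: the peer answers with a reset, failure is immediate.
            outcome = "refused"
        except socket.gaierror:
            # Unresolvable host name: failure is immediate.
            outcome = "dns-error"
        except OSError as exc:
            outcome = "error: %s" % exc
        results.append((url, outcome, round(time.monotonic() - start, 3)))
        if outcome == "ok":
            return url, results
    return None, results


if __name__ == "__main__":
    # URL list taken from the quoted message; results depend on what is
    # listening on the local machine.
    chosen, details = probe_ldap_urls(
        "ldap://localhost:10359 ldap://localhost:10389")
    for url, outcome, seconds in details:
        print("%-28s %-10s %.3fs" % (url, outcome, seconds))
    print("would use:", chosen)
```

A `timeout` outcome on an earlier URL shows how long a client would stall on that entry before reaching the next one.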

