ldap package question

J

John Gordon

I'm using the ldap package to connect to an ldap server and run a query.
Very simple code, along these lines:

con = ldap.initialize(uri)
con.simple_bind_s(user, password)
results = con.search_s(group, ldap.SCOPE_SUBTREE, filter, attrs)
for r in results:
# inspect the results

I'm experiencing some intermittent failures and I think it's because the
URI I'm connecting to is actually an alias (proxy? load-balancer? I'm not
sure of the right word here) for a pool of servers, one of which is flaky.

Is there a way to ask the connection object exactly which server I'm
connected to?
 
M

Michael Ströder

John said:
I'm using the ldap package to connect to an ldap server and run a query.
Very simple code, along these lines:

con = ldap.initialize(uri)
con.simple_bind_s(user, password)
results = con.search_s(group, ldap.SCOPE_SUBTREE, filter, attrs)
for r in results:
# inspect the results

I'm experiencing some intermittent failures
Click to expand...

What effects do you see? How do you detect a failure?
and I think it's because the
URI I'm connecting to is actually an alias (proxy? load-balancer? I'm not
sure of the right word here) for a pool of servers, one of which is flaky.
Click to expand...

There are LDAP proxies with load-balancing and network-level
load-balancers. What is deployed at your site? What are the LDAP server?
Is there a way to ask the connection object exactly which server I'm
connected to?
Click to expand...

Since load-balancers typically share a virtual IP you cannot really
determine to which server your client is connected. It's up to this
system's configuration. You could ask some monitoring entry in the LDAP
server itself but this might also be flaky depending how your LDAP
session is dispatched to the LDAP servers. You better should talk to the
admin of the load-balancer to make sure session stickyness is guaranteed
within one LDAP session.

Also load-balancers typically works ok for read access. But if your LDAP
client applications writes to a pool of dispatched LDAP servers probably
configured with multi-master replication you should read and understand
the implications in draft-zeilenga-ldup-harmful first.

http://tools.ietf.org/draft/draft-zeilenga-ldup-harmful/

If you're implementing a really heavy application you'd better do
load-balancing / fail-over within your application.

Ciao, Michael.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Split entries from LDAP 2
python-ldap: searching without specifying an OU? 8
python-ldap - Operations Error 8
py-ldap question 1
python-ldap reading an OU with more than 1000 objects 1
ruby/ldap - available Active Directory attributes, negative filter 0
LDAP query trouble 2
active directory 0

Members online

Total: 54 (members: 1, guests: 53)
Robots: 113

Forum statistics

Threads
473,969
Messages
2,570,161
Members
46,710
Latest member
bernietqt

Latest Threads

Top