KDC with openldap backend, ldap replication, can it chase referrals?

Andreas Hasenack andreas at canonical.com
Wed Apr 15 08:49:29 EDT 2020


Hello,

On Wed, Apr 15, 2020 at 1:54 AM Greg Hudson <ghudson at mit.edu> wrote:
>
> On 4/14/20 3:34 PM, Andreas Hasenack wrote:> Can mit kerberos (1.17 for
> the purpose of this conversation) using the
> > openldap backend (kldap) chase ldap referrals when it tries to write
> > to an openldap replica, which is read-only?
> >
> > In other words, can I list both the openldap primary and its read-only
> > replica in krb5.conf's ldap_servers parameter?
>
> I don't believe we support this.  This came up a number of years ago:
>
> https://krbdev.mit.edu/rt/Ticket/Display.html?id=7754

Thanks for the pointer!

Cheers


More information about the Kerberos mailing list