[PVE-User] ldap authentication and fallback server

Jonathan Schaeffer jonathan.schaeffer at univ-brest.fr
Tue Jan 8 12:21:54 CET 2013

Hi all,

I'm setting up LDAP authentication for Proxmox web UI.
The LDAP host is a VM inside the cluster, so I thought it would be nice 
to setup a fallback server.

Done. But the tests are run show that the fallback server is not 
contacted when the main LDAP server is not available.

Is it a bug or something I did not understand ?

I'm running PVE 2.1 and this is the setup :

get /access/domains/LDAP_IUEM
200 OK
    "base_dn" : "ou=people,dc=univ-brest,dc=fr",
    "digest" : "592a8f63824979caa2020e37d58bdbbd7ed4e68d",
    "server1" : "annuaire-iuem.univ-brest.fr",
    "server2" : "annuaire.univ-brest.fr",
    "type" : "ldap",
    "user_attr" : "uid"

- The authentication works OK
- I add an iptable rule to drop traffic to "annuaire-iuem" :
   # iptables -I OUTPUT -p tcp -m multiport --dport 389 -d annuaire-iuem 
- ldapsearch toward annuaire-iuem does not work (as expected) and 
ldapseach toward annuaire works alright
- authentication fails with a timeout

IUEM - Service Informatique
rue Dumont D'Urville
Technopôle Brest-Iroise
29280 Plouzané
tel: +33 2 98 49 87 94

More information about the pve-user mailing list