Hello Christian, On 03/03/2016 09:09 AM, Christian Schmidt wrote:> Hello Gordon, > > On 29.02.2016 16:18, Gordon Grubert wrote: >> we are using a round robin dns record for connections to our ldap >> system. This works fine for almost all cases. In particular, for >> dovecot does this mean, when an ldap server is stopped, dovecot >> instantly reconnects to another ldap server. >> >> But when the network connection to the active ldap server is broken, >> dovecot sticks to the failed ldap server. Is there any possibility to >> define a connection timeout? > > What about replicating the directory onto the dovecot host and send the > ldap queries to localhost?of course, this would be possible. E.g., for our DNS we are using exactly this solution. But this means, there is one additional daemon. Additionally, this leads to an mailserver interruption when updating the local ldap daemon. But you are right, the "connection loss" problem over the network can be prevented. Best regards, Gordon
Hi Gordon, On 03.03.2016 09:55, Gordon Grubert wrote:> On 03/03/2016 09:09 AM, Christian Schmidt wrote: >> What about replicating the directory onto the dovecot host and send the >> ldap queries to localhost? > > of course, this would be possible. E.g., for our DNS we are using > exactly this solution. But this means, there is one additional daemon. > Additionally, this leads to an mailserver interruption when updating > the local ldap daemon.Well, just switch dovecot to another LDAP server before local LDAP's "downtime". ;-) Regards, Christian -- No signature available. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5326 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20160303/a6a55774/attachment.p7s>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 3 Mar 2016, Christian Schmidt wrote:> On 03.03.2016 09:55, Gordon Grubert wrote: >> On 03/03/2016 09:09 AM, Christian Schmidt wrote: >>> What about replicating the directory onto the dovecot host and send the >>> ldap queries to localhost? >> >> of course, this would be possible. E.g., for our DNS we are using >> exactly this solution. But this means, there is one additional daemon. >> Additionally, this leads to an mailserver interruption when updating >> the local ldap daemon. > > Well, just switch dovecot to another LDAP server before local LDAP's > "downtime". ;-)I don't understand, where the downtime shall come from? Do you use a LDAP server, that does not support replication on its own? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVtguNXz1H7kL/d9rAQKRqAf8DKnxiXu2rvjbvy4Y6RS/r90D/6dIMLbf tb6ghII1M0/nJiIH0zqm/OtS13hCUfWAut7L1Piizbr1SWxMlLTF0j4QrHb2oriG L6vfhzJRGBZTI6YL7NSqbVGiXe2CDeYxO4en100pNpCeWa47RCdvoWEFCLTm9bXs frJ0SO6ba6Pc9vD4QZIo3XNjBbI6jHHbSVHK2Ry5+uXIyN/IwbRNx9bCpATGI3y7 12hs/ulI5IWjyjojBydSOwxzh4TX+RqZQIa6onOxszkXRvuQqiUGH+wGXaJOViVJ GjOaNrvnnTUkLPgKR6nMp5DNlXtENpw3/P/qK2xNedCroXnA0RYIEA==vGhF -----END PGP SIGNATURE-----