AD LDAP Pool
Daniel Fisher
dfisher at vt.edu
Mon May 16 21:26:08 EDT 2016
On Mon, May 16, 2016 at 7:21 PM, Mark Boyce <Mark.Boyce at ucop.edu> wrote:
> When pooling AD Domain Controllers and adding
> “connectionHandler="edu.vt.middleware.ldap.handler.DefaultConnectionHandler{{connectionStrategy=ACTIVE_PASSIVE}}"”
> (as prescribed at
> https://wiki.shibboleth.net/confluence/display/SHIB2/IdPAuthUserPass) I
> am seeing the following:
>
>
>
> 1) User enters bad password
>
> 2) Shibboleth (yes, it is the underlying
> edu.vt.middleware.ldap.jaas.LdapLoginModule) attempts to authenticate the
> user at each DC in the pool; having failed to bind as the user, it would
> appear that edu.vt.middleware.ldap.jaas.LdapLoginModule is interpreting
> this as a failure of the server and promptly moving on to the next server
> in the pool
>
Can you post some debug logs of this?
--Daniel Fisher
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20160516/7c6ec003/attachment-0001.html>
More information about the users
mailing list