Open Stack

I’m setting up (Open)LDAP on my old Newton installation (and no,
I’m *NOT* upgrading!! Last time I did that, it took me two, three
months to get back to a somewhat-working state), with the LDAP
servers behind a HAProxy LB.

I’m trying to have one at a time enabled to see if I can get them
working individually before I try them as a whole/group..


I tried all day yesterday, and I could do the initial connection, but
not get any results - “can’t contact ldap server”.

I see the connection in the logs, but don’t get any results back.



Now, first thing I did this morning was to just run the exact same
command (kinit && ldapwhoami) that I did last night.

AND IT WORKED!!

No idea why! It shouldn’t have. Glad it did, but since I can’t explain
WHY it worked, it’s annoying!! :)


So I then disabled that (working) LDAP server in the LB member list
and enabled the second. And now that is experiencing the same
problem as the first yesterday…

I didn’t change anything else - last thing I did before I went to bed
last night was try the ldapwhoami command -> “can’t contact ldap
server”. And the very first thing I did this morning was kdestroy
my ticket, get a new one and then run ldapwhoami.

I’ve run with multiple types of debugging, but there’s nothing obvious
(I’m quite knowledgeable about LDAP so know how to debug THAT,
but not OS/HAProxy).



So … “something” internally in OS changed. Any suggestions to what
or how to debug this?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20171119/482d7b00/attachment.sig>