[rabbitmq-discuss] Debugging AD

Gavin M. Roy gmr at myyearbook.com
Wed Nov 30 18:40:27 GMT 2011

I've been meaning to ask on this subject: is there any level of caching of
data received back from the LDAP server? I'd like to move to LDAP for our
infrastructure but am worried about connection rates and throttling due to
time spent making LDAP requests for the same connecting/disconnecting user.

Alternatively, does Rabbit check local auth prior to LDAP auth?


On Wed, Nov 30, 2011 at 12:41 PM, Simon MacMullen <simon at rabbitmq.com>wrote:

> On 30/11/11 16:44, Ben Hood wrote:
>> I now have a follow up question: is it possible to create two
>> different groups in LDAP and assign them different levels of
>> privileges within the Management frontend?
> Yes - see http://hg.rabbitmq.com/**rabbitmq-auth-backend-ldap/**
> file/rabbitmq_v2_7_0/README-**authorisation<http://hg.rabbitmq.com/rabbitmq-auth-backend-ldap/file/rabbitmq_v2_7_0/README-authorisation>
>  I was thinking of having a group for admins who can do anything, and a
>> group for people who should be able to look at statistical info, but
>> can't do anything that would cause any messages to get binned (such as
>> queue/exchange deletions, queue purges or queue binds/unbinds).
> So the second group needs to have a tag_queries such that they get the
> "monitoring" tag, and a resource_access_query that restricts them from...
> well, from doing almost anything I guess.
> Cheers, Simon
> --
> Simon MacMullen
> RabbitMQ, VMware
> ______________________________**_________________
> rabbitmq-discuss mailing list
> rabbitmq-discuss at lists.**rabbitmq.com<rabbitmq-discuss at lists.rabbitmq.com>
> https://lists.rabbitmq.com/**cgi-bin/mailman/listinfo/**rabbitmq-discuss<https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20111130/6c4d0d1d/attachment.htm>

More information about the rabbitmq-discuss mailing list