[rabbitmq-discuss] LDAP backend problem

Kristian Jensen spexxter at gmail.com
Wed Feb 19 08:55:12 GMT 2014


Hi,

We use Active Directory as an LDAP auth backen for Rabbitmq.

We have 3 AD servers, and alle 3 are configured in RabbitMQ. But if we 
shutdown one of them, we are no longer able to access RabbitMQ using an 
LDAP account.
I get the login promt, om the management site(http://host:15672), but if i 
use a LDAP account, the site is not responding.

Why is the LDAP module not robust againt unavailable LDAP backens? - could 
you intruduce a sort of healtcheck?

RabbitMQ 3.2.3, Erlang R15B01

rabbitmq.config
[
  {rabbit, [{auth_backends, [rabbit_auth_backend_ldap, 
rabbit_auth_backend_internal]}]},
  {rabbitmq_auth_backend_ldap,
   [ {servers,               ["devopsad01.dev.local", 
"devopsad02.dev.local","devopsad03.dev.local"]},
     {dn_lookup_attribute,   "userPrincipalName"},
     {dn_lookup_base,        "DC=dev,DC=local"},
     {user_dn_pattern,       "${username}@dev.local"},
     {use_ssl,               false},
     {port,                  389},
     {log,                   false},
     {vhost_access_query,    {in_group,
                              "CN=sg_sh_mq_vhost-${vhost},OU=vhosts,OU=MQ,OU=Security 
Groups,OU=Groups,OU=SharedHosting,OU=eCG,DC=dev,DC=local"}}
     {resource_access_query,
      {for, [{permission, configure, {constant, true}},
             {permission, write,
              {for, [{resource, queue,    {constant, true}},
                     {resource, exchange, {constant, true}}]}},
             {permission, read,
              {for, [{resource, exchange, {constant, true}},
                     {resource, queue,    {constant, true}}]}}
            ]
      }},
     {tag_queries,           [{administrator, {in_group, "CN=sg_sh_mq-admin,OU=MQ,OU=Security 
Groups,OU=Groups,OU=SharedHosting,OU=eCG,DC=dev,DC=local"}},
                              {management,    {constant, true}}]}
   ]
  }
].
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20140219/a67bdf54/attachment.html>


More information about the rabbitmq-discuss mailing list