[rabbitmq-discuss] LDAP backend problem
Kristian Jensen
spexxter at gmail.com
Wed Feb 19 08:55:12 GMT 2014
Hi,
We use Active Directory as an LDAP auth backen for Rabbitmq.
We have 3 AD servers, and alle 3 are configured in RabbitMQ. But if we
shutdown one of them, we are no longer able to access RabbitMQ using an
LDAP account.
I get the login promt, om the management site(http://host:15672), but if i
use a LDAP account, the site is not responding.
Why is the LDAP module not robust againt unavailable LDAP backens? - could
you intruduce a sort of healtcheck?
RabbitMQ 3.2.3, Erlang R15B01
rabbitmq.config
[
{rabbit, [{auth_backends, [rabbit_auth_backend_ldap,
rabbit_auth_backend_internal]}]},
{rabbitmq_auth_backend_ldap,
[ {servers, ["devopsad01.dev.local",
"devopsad02.dev.local","devopsad03.dev.local"]},
{dn_lookup_attribute, "userPrincipalName"},
{dn_lookup_base, "DC=dev,DC=local"},
{user_dn_pattern, "${username}@dev.local"},
{use_ssl, false},
{port, 389},
{log, false},
{vhost_access_query, {in_group,
"CN=sg_sh_mq_vhost-${vhost},OU=vhosts,OU=MQ,OU=Security
Groups,OU=Groups,OU=SharedHosting,OU=eCG,DC=dev,DC=local"}}
{resource_access_query,
{for, [{permission, configure, {constant, true}},
{permission, write,
{for, [{resource, queue, {constant, true}},
{resource, exchange, {constant, true}}]}},
{permission, read,
{for, [{resource, exchange, {constant, true}},
{resource, queue, {constant, true}}]}}
]
}},
{tag_queries, [{administrator, {in_group, "CN=sg_sh_mq-admin,OU=MQ,OU=Security
Groups,OU=Groups,OU=SharedHosting,OU=eCG,DC=dev,DC=local"}},
{management, {constant, true}}]}
]
}
].
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20140219/a67bdf54/attachment.html>
More information about the rabbitmq-discuss
mailing list