<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.28.1">
</HEAD>
<BODY>
On Thu, 2009-12-17 at 14:35 +0100, nunatarsuaq wrote:
<BLOCKQUOTE TYPE=CITE>
<PRE>
I'd like to configure cyrus to authenticate via an additional backup
LDAP server when the main one fails.
Is it possible?
</PRE>
</BLOCKQUOTE>
You didn't give us much to go on, such as which version of Cyrus or which authentication method you are using -- saslauthd or PTS module, but here's a guess. In /etc/imapd.conf you may specify more than one server using the "ldap_uri" setting for the PTS loader. From the imapd.conf man page:<BR>
<BLOCKQUOTE>
ldap_uri: <none><BR>
Contains a list of the URLs of all the LDAP servers when using the LDAP PTS module.<BR>
</BLOCKQUOTE>
Full details on the PTS loader options are in the imapd.conf man page.<BR>
<BR>
If you are using saslauthd, then the proper parameter is ldap_servers in /etc/saslauthd.conf, which takes a space delimited list of ldap URIs:<BR>
<BLOCKQUOTE>
ldap_servers: ldap://ldap1.example.com ldap://ldap2.example.com<BR>
</BLOCKQUOTE>
You may find full details of the configuration of saslauthd in the LDAP_SASLAUTHD file, which is part of the cyrus_sasl distribution. On many systems with binary installations you may find this file somewhere like /usr/share/doc/cyrus-sasl-2.1.22/LDAP_SASLAUTHD<BR>
<BR>
Best regards,<BR>
-nic<BR>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<BR>
<PRE>
--
Nic Bernstein <A HREF="mailto:nic@onlight.com">nic@onlight.com</A>
Onlight llc. <A HREF="http://www.onlight.com">www.onlight.com</A>
219 N. Milwaukee St., Suite 2a v. 414.272.4477
Milwaukee, Wisconsin 53202
</PRE>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>