Closed landryb closed 4 years ago
I am using 2 ldap server for 2 domain accounts and will be interested in the solution to reduce the log noise as well.
@landryb not to hijack your thread but are you using require group
in your config and if so is nested groups working for you ?
was fixed by 81f7e24 / #219
I have a setup with two auth servers:
Auth works fine whichever the server contains the user i'm sending credentials for, but for caching it's not the same:
If the user is found in ldap1, the info is properly cached in nginx, ldap2 is not searched for at all, and ldap1 isnt queried for the time the info is cached.
If the user is not found in ldap1 but only in ldap2, ldap1 will be queried at every subsequent user hit (even though nginx has cached the fact that 'user has been found in ldap2'), thus the log is filled with error messages from the query on ldap1 not finding user in there:
User still doesnt have to resend creds as he's been authentified in ldap2, but the logs are filing up...
Is there a way to search first for the cache (being global to all servers) before trying to auth/search in each server ?