Support SRV record lookup and failover (rfc2782) #191
Comments
@cperrin88 is this something that necessarily belongs inside of the client library or is something that can be negotiated externally and then passed into the client library once a host is selected?
Yes, I think so. It is a standard feature of Active Directory and this is the easiest way to make this centrally available. It is not uncommon for one DC to be down, and switching could be seamless without everyone putting that part in their software.
I have created a gem that can assist with this feature request: https://rubygems.org/gems/resolv-srv. The example included with its README file shows one way to use it with net-ldap to perform SRV record lookups, but it would be nicer if this facility were directly integrated into net-ldap. That way the library could more seamlessly switch servers when necessary without the consumer code needing to handle the details.
@javanthropus thanks for the link. As valuable as this sounds, I don't have the bandwidth to maintain this. It looks like a straightforward single lib file. As a compromise, I propose adding a section to the readme that links to useful ruby LDAP utilities #220
Thanks for adding the reference in the README. Hopefully, others find the library and can make use of it. I'm not sure what exactly you don't have bandwidth to maintain though. If someone were to provide a PR with minimal changes that enables using this library as an external dependency, would you consider it? It should be possible to add a single, optional attribute to Net::LDAP providing the domain in which to search that gets passed to Net::LDAP::Connection. If that attribute is set Net::LDAP::Connection would then perform SRV lookups to find servers and try each one in turn until it successfully opens a connection.
@jch I actually have a very minimal patch that doesn't introduce any dependency on the resolv-srv library. Instead, I introduced a new attribute named Manual testing works, but before I go adding a bunch of automation, are you interested?
@javanthropus I'm sure it's a valuable feature, but it's not part of the core LDAP spec, and is out of scope for this library. Yes, it would be convenient to have it work out of the box, but having a separate dedicated gem with a maintainer like yourself who is knowledgeable about the feature ensures that it works long term.
@jch thanks for the clarification. I believe the solution provided in #223 is better in general since all that is needed there is a list object that responds to the Please take a look at #223 and tell me what you think about it. Thanks!
To allow higher availability for LDAP, it would be nice if this implementation supported looking up SRV records according to rfc2782.
The lookup would be on
and would return a list like
These should be tried according to the priority and weight fields. Pages 5 and 6 of rfc2782 explain how the process should work.
Real world use would be for example for Active Directories in a HA setup.
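
The ordering the issue asks for (lowest priority first, weighted random choice within a priority, per RFC 2782), followed by failover across the ordered targets, as an added example that is not code from net-ldap or resolv-srv. The `SrvRecord` struct, the `example.com` hostnames and the `connect_with_failover` helper are assumptions constructed for illustration.

```ruby
# Added example: RFC 2782 ordering of SRV targets (not net-ldap or resolv-srv code).
SrvRecord = Struct.new(:priority, :weight, :port, :target)

# Constructed sample answer for a hypothetical _ldap._tcp.example.com lookup.
SAMPLE_RECORDS = [
  SrvRecord.new(10, 0,  389, "dc3.example.com"),
  SrvRecord.new(0,  60, 389, "dc1.example.com"),
  SrvRecord.new(0,  40, 389, "dc2.example.com"),
  SrvRecord.new(20, 5,  389, "dc4.example.com")
].freeze

# Returns records in the order a client should try them:
# lowest priority value first; within one priority, weighted random selection.
def rfc2782_order(records, rng: Random.new)
  groups = records.group_by(&:priority).sort_by { |priority, _| priority }
  groups.flat_map { |_priority, group| weighted_shuffle(group, rng) }
end

def weighted_shuffle(group, rng)
  # RFC 2782: weight-0 records go first in the list so they are rarely chosen.
  remaining = group.sort_by { |r| r.weight.zero? ? 0 : 1 }
  ordered = []
  until remaining.empty?
    total = remaining.sum(&:weight)
    pick = rng.rand(0..total) # uniform integer in 0..total, inclusive
    running = 0
    # First record whose running weight sum reaches the picked number.
    index = remaining.index { |r| (running += r.weight) >= pick }
    ordered << remaining.delete_at(index)
  end
  ordered
end

# Tries each target in RFC 2782 order. The block receives (host, port) and
# either returns a connection or raises; the first success is returned.
def connect_with_failover(records, rng: Random.new)
  errors = []
  rfc2782_order(records, rng: rng).each do |srv|
    begin
      return yield(srv.target, srv.port)
    rescue StandardError => e
      errors << "#{srv.target}:#{srv.port} #{e.message}"
    end
  end
  raise "all SRV targets failed: #{errors.join('; ')}"
end
```
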