squid_ldap_auth: Can I specify a failover domain controller?
I've run into a new problem in setting up a Squid 3.0 server at my office. Before going into what's wrong though, let me describe how we have it set up:
User's IE browsers point to the Squid server as the proxy, and when they open the browser they are prompted for their LDAP credentials. The Squid server authenticates them against one of our Windows S2003 domain controllers and gives them permissions to certain websites based on which AD security group I've put them in. To this end, everything is working perfectly.
However, in order to accomplish this, I use the program squid_ldap_auth. It took forever to get it working the way I want it, but I finally discovered that in order to successfully look up an account on our DC, I have to use the -h parameter to specify the IP of one of my domain controllers.
So, my question.
Is there a way for me to specify a failover host, in case that DC is down or unavailable for any reason? (We have several DC's here.)
I'd like to know if this can be done within the command parameters or within my squid.conf file. I've poured through the man pages of squid_ldap_auth and looked up many squid.conf tutorials without much luck.
Much appreciated; you guys are saviors!
Last edited by RedHelix; 09-22-2009 at 10:43 AM.