Bug 1142830

Summary: Can not select multiple LDAP servers with authconfig
Product: Red Hat Enterprise Linux 7 Reporter: Arpit Tolani <atolani>
Component: authconfigAssignee: Tomas Mraz <tmraz>
Status: CLOSED ERRATA QA Contact: Eduard Benes <ebenes>
Severity: high Docs Contact:
Priority: high    
Version: 7.1CC: chekov, ebenes, kehsani, pkis
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: authconfig-6.2.8-9.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1145137 (view as bug list) Environment:
Last Closed: 2015-03-05 11:07:19 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1145137    

Description Arpit Tolani 2014-09-17 13:30:07 UTC 
Description of problem:
Can not select multiple LDAP servers with authconfig

Version-Release number of selected component (if applicable):
authconfig-6.2.8-8.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
 
[root@dhcp210-38 ~]# authconfig --enableldap --enableldapauth  --ldapserver='ldap://ldap1.example.com ldap://ldap2.example.com ldap://ldap3.example.com' --ldapbasedn="dc=example,dc=com" --update
authconfig: Invalid LDAP URI.
Job for nslcd.service failed. See 'systemctl status nslcd.service' and 'journalctl -xn' for details.

[root@dhcp210-38 ~]# authconfig --enableldap --enableldapauth  --ldapserver='ldap://ldap1.example.com,ldap://ldap2.example.com,ldap://ldap3.example.com' --ldapbasedn="dc=example,dc=com" --update
authconfig: Invalid LDAP URI.
Job for nslcd.service failed. See 'systemctl status nslcd.service' and 'journalctl -xn' for details.

Actual results:
Authconfig now takes only one LDAP server in arguement. 

Expected results:
authconfig should take multiple server in arguement.
Comment 1 David Spurek 2014-09-17 14:03:19 UTC 
nslcd.conf man page says following about multiple uri:
This  option may be specified multiple times. Normally, only the first server will be used with the following  servers  as  fallback (see bind_timelimit below).

We should simply add 3 uri entries to nslcd.conf

This option may also influence sssd.conf.
sssd may also take multiple ldap uris but it has different syntax. It takes comma-separated list of URIs.
Comment 2 Tomas Mraz 2014-09-29 11:00:33 UTC 
*** Bug 1145824 has been marked as a duplicate of this bug. ***
Comment 7 errata-xmlrpc 2015-03-05 11:07:19 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0512.html
Comment 8 kevin Ehsani 2016-07-15 12:36:27 UTC 
I am using centos 7 and the bug seems to persist when I use:

authconfig --ldapserver="ldap://simple-provider.example.com,ldap://clone-provider.example.com"

Which ever I put first will be the ldap server and switching off that server will not change the ldap server. I am using virtual box to create the servers and clients