[Building Sakai] External LDAP users in a clustered environment.

[Kusnetz, Jeremy]

We have been experiencing some weird issues with our external LDAP user.
We are currently running 3 Sakai servers.

 

There are a few issues going on, but I think they are all interrelated,
and I think it's stemming from how different nodes in the cluster update
each other.

 

When adding a new user to a site, not all the servers know about this
user in that site.  When you log in as that user some of the nodes do
not show the site being available to that user.  Of our 3 nodes sometime
1 or 2 of them do not know about that site for the user.

 

Also when changing the roles of users in a site it doesn't seem to stick
at times.  You can change an instructor to student, hit save and the
user is still an instructor.  Eventually when playing with roles and
adding students, the list of users for a site won't show up anymore.  In
catalina.out you can see an error about a user that doesn't exist.

 

When looking at the realm for the site you can see normal users and then
a bunch of internal ID instead of the EIDs.  When looking at these
internal IDs in the site, they don't match up to anything in the
SAKAI_USER or SAKAI_USER_ID_MAP tables.  They seem to be "orphaned"
internal_ids that just don't match up with anything.  When you click on
that internal_id in the site's realm Sakai just gives an error that it's
an invalid user.

 

We don't have this problem at all with local users, just remote LDAP
users. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20100702/2312d02b/attachment.html