Credentials caching in OpenLDAP proxy

authentication cache openldap

I am creating an LDAP proxy server using OpenLDAP; the server will be used for user authentication (using simple bind over SSL/TLS). Is there a way to make the OpenLDAP proxy cache simple bind credentials and respond to simple bind requests from the cache in case the main LDAP server goes temporarily offline?

Maybe there are some (preferably free) alternatives that can cache authentication requests?

Best Answer

I guess you already know about the OpenLDAP Proxy Cache Engine since you are creating such a server. Anyway, I would do this with the proxy cache engine; just set the cache TTL high enough so it can wait out backend server reboots and other minor offline cases.

If you have multiple LDAP servers, you can also configure them in multi-master mode and put a load-balancer in front of them. That way you don't have to worry about a single LDAP server going down; everything continues to work smoothly automatically.
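
A sketch of the proxy cache setup the answer describes, as an added example that is not part of the original answer: a `slapd.conf` fragment using the `pcache` overlay with its `pcacheBind` directive (documented in slapo-pcache(5)) to cache simple bind credentials. The hostname, suffix, search filter, cache directory and all TTL values are assumptions chosen for illustration.

```conf
# Constructed example: placeholder host, suffix, paths and lifetimes.
# Assumes slapd was built with back-ldap and the pcache overlay available.

database    ldap
suffix      "dc=example,dc=com"
rootdn      "dc=example,dc=com"
# Talk to the backend over TLS, matching the simple-bind-over-TLS setup.
uri         "ldaps://ldap-backend.example.com/"

overlay     pcache
# pcache <db> <max_entries> <numattrsets> <entry_limit> <cc_period>
pcache      mdb 100000 1 1000 100
# Keep cached queries across slapd restarts.
pcachePersist TRUE

# Attribute set 0: what the client's pre-bind user lookup asks for.
pcacheAttrset  0 uid cn mail

# Cache the user-lookup search that precedes the bind.
# 86400 s = 24 h TTL, long enough to ride out a backend reboot.
pcacheTemplate (&(objectClass=)(uid=)) 0 86400

# Cache simple bind credentials for entries found by that search.
# pcacheBind <filter_template> <attrset_index> <ttr> <scope> <base>
# ttr: seconds after which the proxy re-binds to the backend to
# refresh the cached credentials.
pcacheBind  (&(objectClass=posixAccount)(uid=)) 0 86400 sub "ou=people,dc=example,dc=com"

# Local database that stores the cache; it holds credential material,
# so keep the directory readable by the slapd user only.
directory   /var/lib/ldap/pcache
index       objectClass eq
index       uid         eq
```

The time-to-refresh is also the window in which the proxy keeps accepting a password that has since been changed, or an account that has since been disabled, on the backend, so choose it as a trade-off between outage tolerance and how quickly revocations must take effect.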