ROR cannot start if LDAP is not available

ROR doesn’t start if LDAP is not available. In my opinion it is not good behaving…
Access can be from some reason blocked… but ES cluster must be working at least with LOCAL ACCOUNTS. Is it possible to improve this behaving?

Hi @vasek

This is the connectivity check, which was added some time ago, because lot of our clients complaining about not working LDAP rule, but often the problem was wrong configuration of LDAP connector. So, we decided to introduce the check and allow ROR to fall early - it’s easier to notice that sth is wrong.

But yes, I understand your point. In ROR we don’t want to change the default behaviour without significant reason (eg. security related), but obviously we can introduce the settings option for in eg. LDAP connector settings section to disable the check. If you know what you’re doing (and why), to would be able to change the default behaviour. Is it ok for you?

1 Like

Thank you @coutoPL for explanation. Some option like: allow_run_ror_without_ldap_connectivity: true OR ignore_ldap_connectivity_problems would be fine. The main purpose is to boot ROR regardless of LDAP availability.

ok, we will add this option soon. Will let you know

1 Like

Great! Thank you @coutoPL .

@vasek we have this ready for tests. Do you want to test the prebuild? What ES version do you currently use?

it will be a part of ROR 1.26.0

1 Like

Great. Thank you @coutoPL .