The charm configuration option is a direct pass through to the keystone ldap url configuration option which specifies:
"URL(s) for connecting to the LDAP server. Multiple LDAP URLs may be specified
as a comma separated string. The first URL to successfully bind is used for the
connection."
So I'm guessing that the fault here lies in whatever failover code exists in keystone and the underlying LDAP library to support failure detection and failover.
The charm configuration option is a direct pass through to the keystone ldap url configuration option which specifies:
"URL(s) for connecting to the LDAP server. Multiple LDAP URLs may be specified
as a comma separated string. The first URL to successfully bind is used for the
connection."
This is configured directly in the backend:
[ldap]
url = {{ options.ldap_server }}
user = {{ options.ldap_user }}
So I'm guessing that the fault here lies in whatever failover code exists in keystone and the underlying LDAP library to support failure detection and failover.