auth-ldap (v0.10.11) - Specifying Multiple (Primary / Secondary) AD Servers under the URI field
-
Is there a way to specify a primary and secondary Active Directory server when configuring auth-ldap?
I've encountered situations where the specified URI (ldap://activedirectory1.domain.x.y) server isn't reachable so I'd like to be able to specify a secondary AD server using something like this:
ldap://activedirectory1.domain.x.y, ldap://activedirectory2.domain.x.y
Basically, multiple AD servers separated by a comma.
Unlike the other forum post regarding Multiple AD Sources, both of these control the same domain.
Thanks.
-
@gcpeters4 Hi! You could use DNS round robin but it's 50/50 if it works for you. Just put ldap://domain.x.y in and try.
-
Another option is to set up AD clustering (clusters) with both controllers part of the same cluster. Alternatively, set up an AD Failover which has a single FQDN endpoint but two members.
Either or both of these are likely to result in a single FQDN that can be fed into the plugin.
-
ldap://domain.x.y
Thanks for the suggestion. I can give this a shot real quick!
-
This is a good idea as well. If the previous suggestion of trying to do a DNS round robin approach doesn't work, this may be my best option.
Thanks for taking the time to provide your suggestion!
-
By the way, my suggestion is recommended best practice from Microsoft for their Active Directory software and/or technology. My suggestion will be more likely to work if your DNS servers and requests have issues with Round Robin configuration. Plus, with my solution you can easily add more servers as domain controllers to the cluster as required, and use replication to keep them consistent and up to date.
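
Added example, not part of any post in this thread: a Python check for the single-name approach (ldap://domain.x.y) suggested above. It resolves the name to every address DNS returns and tests each one on the LDAP port, so an unreachable domain controller that is still in the round robin shows up before it causes intermittent login failures. The function names and the default port 389 are assumptions of this example.

```python
import socket

def resolve_all(host, port=389):
    """Return each distinct (family, sockaddr) the name resolves to."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    found = []
    for family, _type, _proto, _canon, sockaddr in infos:
        if (family, sockaddr) not in found:
            found.append((family, sockaddr))
    return found

def probe(family, sockaddr, timeout=3.0):
    """True if a TCP connection to the address succeeds within the timeout."""
    try:
        with socket.socket(family, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            s.connect(sockaddr)
        return True
    except OSError:  # refused, unreachable or timed out
        return False

def check_name(host, port=389, resolver=resolve_all, prober=probe):
    """Probe every address behind one name; returns [(ip, reachable), ...]."""
    return [(sockaddr[0], prober(family, sockaddr))
            for family, sockaddr in resolver(host, port)]

def summarize(results):
    """Classify the result so it can drive monitoring or an exit code."""
    if not results:
        return "no-records"
    reachable = sum(1 for _ip, ok in results if ok)
    if reachable == len(results):
        return "all-reachable"
    return "partial" if reachable else "none-reachable"

if __name__ == "__main__":
    import sys
    # "domain.x.y" is the placeholder name used in the thread
    name = sys.argv[1] if len(sys.argv) > 1 else "domain.x.y"
    try:
        results = check_name(name)
    except socket.gaierror as exc:
        sys.exit(f"{name}: DNS lookup failed: {exc}")
    for ip, ok in results:
        print(f"{ip:40} {'reachable' if ok else 'UNREACHABLE'}")
    print(summarize(results))
```

A "partial" result means some lookups will hand the client an address that does not answer; whether the client then tries the next address depends on its LDAP library.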