LDAP Failover Issue

Unanswered Question
Mar 6th, 2009

Ok, this is driving me nuts... I have multiple LDAP servers (windows server 2003 AD Domain Controllers) --- I have set them BOTH up in the ironport with failover configuration ---


(x) failover

In this configuration, I can do LDAP queries just fine, however if the .50 server goes down the LDAP queries fail, they never roll over to .51

Same in reverse, I enter .51 first and then .50 and it works fine until I take .51 offline

I have also attempted to just put the AD name (domain.ext) in place there, and it works until I take one of the servers down.

Any suggestions?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mychrislo_ironport Sat, 03/07/2009 - 07:53

i use a load balancer and it will not redirect traffic to the failed server...
a solution that may not fit you.

Rayman_Jr Wed, 03/11/2009 - 12:52

We are using two Domino LDAPs and three ADs. Both Domino and AD lookups are failing over just fine. (C600 AsyncOS 6.4)

Have you tried to enable LDAP debugging logs ? Maybe those can show you what's going wrong.

Jason Meyer Mon, 03/16/2009 - 15:42

I use the load ballancing option and the only problem I've had is when the account IronPort was using to authenticate to the servers had the password expire. Rather than allow the mail in as I expected it to work. (I have allow main in if LDAP server is unavailable), IronPort began bouncing all mail. This was quickly resolved by resetting the password and setting it to not expire but was unexpected.


This Discussion