How does ACS 5.0 check LDAP health?


LDAP servers sit behind Load Balancers.

Primary and Secondary LDAP servers are defined as Load Balancer VIPs.

ACS not failing over to secondary LDAP server (VIP) ???

When disabling connection to primary LDAP servers, still able to make connection on port 636 from ACS to Load Balancer.

Just like to confirm how ACS checks LDAP health so I can confirm whether ACS or load balancer issue.

Thanks.

gyakubov Tue, 03/02/2010 - 13:18

Hi Brad.

If your LDAP servers are behind a load balancer, this device takes care of availability and failover. ACS "sees" just one virtual IP. The load balancer, in turn, may use special "keep-alive" packets on a specified port in order to check the LDAP servers' availability and latency.

If you see no failover on your LDAP servers which are behind the LB, please check the load balancer configuration first.

P.S. ACS uses no special "keep alive" - you just configure two LDAP servers, and internal logic switches from the first to the second after a timeout.
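
The symptom in the question (port 636 on the VIP still accepts connections after the LDAP servers are disabled) can be separated from a real LDAP answer with an application-level probe. The following is an added example, not part of the original posts and not ACS's or the load balancer's own logic; `probe_ldap` and `fake_vip` are hypothetical names, and the local listener is a constructed stand-in for the VIP.

```python
import socket, ssl, threading

# LDAPv3 anonymous simple BindRequest and a constructed success BindResponse (RFC 4511 BER).
BIND_REQUEST = bytes.fromhex("300c020101600702010304008000")
BIND_RESPONSE = bytes.fromhex("300c02010161070a010004000400")

def is_bind_response(data):
    """True if data starts an LDAPMessage whose protocolOp is a BindResponse."""
    if len(data) < 2 or data[0] != 0x30:               # LDAPMessage SEQUENCE
        return False
    i = 2 + (data[1] & 0x7F if data[1] & 0x80 else 0)  # skip long-form length
    if len(data) < i + 2 or data[i] != 0x02:           # messageID INTEGER
        return False
    i += 2 + data[i + 1]
    return len(data) > i and data[i] == 0x61           # [APPLICATION 1]

def probe_ldap(host, port, use_tls=True, timeout=3.0):
    """Return 'tcp_down', 'tls_failed', 'no_ldap_response' or 'ldap_ok'.
    Any BindResponse, success or error, counts as a live LDAP server."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "tcp_down"
    try:
        if use_tls:  # LDAPS on 636; certificate is verified against system CAs
            sock = ssl.create_default_context().wrap_socket(sock, server_hostname=host)
    except OSError:  # ssl.SSLError and handshake timeouts are OSError subclasses
        sock.close()
        return "tls_failed"
    with sock:
        try:
            sock.sendall(BIND_REQUEST)
            reply = sock.recv(4096)
        except OSError:  # timeout or reset: nothing speaking LDAP behind the port
            return "no_ldap_response"
    return "ldap_ok" if is_bind_response(reply) else "no_ldap_response"

def fake_vip(reply):
    """Constructed stand-in VIP: accept one client, answer with `reply`."""
    srv = socket.create_server(("127.0.0.1", 0))
    def serve():
        conn, _ = srv.accept()
        with conn, srv:
            conn.recv(4096)
            conn.sendall(reply)  # b"" models a VIP whose LDAP pool is down
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    print([probe_ldap("127.0.0.1", fake_vip(r), use_tls=False) for r in (b"", BIND_RESPONSE)])
```

A result of `no_ldap_response` from the primary VIP while its port still accepts connections points at the load balancer's health monitoring rather than at ACS.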
