Can I specify more than one LDAP server in the directory services configuration

Can I specify more than one LDAP server in the directory services configuration

If you are using eDirectory then putting ldap1.example-cloud.com,ldap2.example-cloud.com will tell webNetwork to use ldap1 server until such time that the LDAP port responds.  If it stops responding then it will flip to ldap2.  It will stay at ldap2 until ldap2 goes away.

With Microsoft Active Directory this is a bit more tricky due to the way MS LDAP works.  MS LDAP utilized DNS to know what all of the domain controllers (LDAP Servers) names are.  It does not matter if a server is up or down, if the server is in DNS then there is a chance we will be told to connect to it.  This is different from how workstations talk to a domain controller.  So you can put dc1.example-cloud.com,dc2.example-cloud.com and it will talk to dc1 until it goes away and then moves to dc2.  

Please note that if for example, dc1 goes down, during communication with dc2, webNetwork may be referred to dc1 for the reason that MS LDAP does not have any means for knowing that a dc is down without you the administrator removing it from DNS.  Another problem may be that in your host file of UW server you have hard coded your domain example-cloud.com to be the IP address of one of the DC servers.  This is another oddity with Microsoft LDAP, it uses the domain name to look up the IP address.  In a typical environment, this may resolve to more than one IP address.  When you do not hard code it to one specific ip address that webNetwork should talk to, sometimes you will see some delays because we connect to one dc and then get told to go talk to another dc over and over.  Hard coding the domain name to the same IP that is used for the LDAP server in webNetwork.


    Can't find the KB

    Unable to find the KB to address your issue ?  

      • Recent Articles

      • Lenovo Unified Workspace End-of-Life Questions and Answers

        Will the shutdown of LUW servers and access to downloads affect my server licensing? No, the shutdown of the customer servers and access to the product and licensing downloads will not affect your server licensing. This license is downloaded and ...

      • How do I determine my Unified Workspace license expiration date?

        The best method for determining the licensing information including the expiration date of your Unified Workspace license: Login to your 8090 management console on each server This may take remoting into each LUW server and relay, opening a browser, ...

      • Lenovo Unified Workspace 7.0.2.13 Released

        Highlights of Unified Workspace 7.0.2.13 Before you install: Please view the installation notes here. 7.0.2.13 requires a 7.0 license file. Below is a list of enhancements and fixes released in Unified Workspace 7.0.2.13 Fixed external storage ...

      • LanSchool Documentation Guides

        LanSchool Classic Teacher Console The LanSchool Teacher Console is the interface teachers will use to manage their classroom and students. It contains all the tools necessary for a teacher to effectively interact with students and create a ...

      • Lenovo Unified Workspace 7.0.1.41 Released

        Highlights of Unified Workspace 7.0.1.41 Before you install: Please view the installation notes here. 7.0.1.41 requires a 7.0 license file. Below is a list of enhancements and fixes for Unified Workspace 7.0.1.41 Updated Log4j Updated Java Updated ...

      • Related Articles

      • New Directory Services Architecture (AD LDS)

        Unified Workspace has always required an LDAP directory service to serve as the primary datastore for the environment. All configuration objects and user data are stored in this underlying directory service. Until now, LUW required this to be the ...

      • How to enable SSL for LDAP on Active Directory?

        Problem:  webNetwork requires SSL over LDAP connection. Cause:  To ensure best security possible, you will want "end-to-end" encryption.  This is only possible with encrypting the LDAP connection.  Without SSL over LDAP some features, such as ...

      • How to display the MS AD LDAP Settings being used.

        The following comes from the URL : http://support.microsoft.com/kb/315071 This step-by-step article describes how to manage Lightweight Directory Access Protocol (LDAP) policies by using the Ntdsutil.exe tool. To make sure that domain controllers can ...

      • Configure Directory Services for Redundancy

        Question Is it possible to configure multiple directory servers for redundancy, in the event the configured directory sever goes down? Solution It is possible to configure UW to talk to multiple directory servers to provide redundancy. This is done ...

      • LDAP Error Codes

        AcceptSecurityContext error, data 52e means "bad password" AcceptSecurityContext error, data 525 means "bad user name" AcceptSecurityContext error, data 773 means "password expiring" or similar.  Standard error codes Standard LDAP errors Error / data ...