Mark ...
I was reading about the round robin host setup in the documentation, but our one Network/System admin doesn't know how to do it. Sad, right? You have an AD Team???? Good grief. It must be nice to work somewhere with decent support.
Gary
Message: 1 Date: Thu, 1 Sep 2011 10:45:49 -0400 From: Mark Shropshire mdshrops@shropnet.net Subject: Re: [support] 2nd AD Server "rollover" not working with LDAP Integration Module To: support@drupal.org Message-ID: 9035B51D-A8F5-4E8B-8A2A-E93FD2E25762@shropnet.net Content-Type: text/plain; charset=us-ascii
Gary,
Our AD team setup one host that we hit and it round robins or load balances (not sure which honestly) between the AD servers. I know that doesn't answer your exact question, but if it is an option, it works well..
Thanks, Mark
On Sep 1, 2011, at 10:10 AM, Broyhill, Gary wrote:
I have been using LDAP Authentication Module (Drupal 6.x) successfully with our network's AD server for a couple of years, no problem. (note: I use an LDAP account with stripped down permissions for non-anonymous search).
So ... our sysadmin people just added a second AD server to our network for redundancy. They wanted me to test to see if Drupal's LDAP would work with both servers. I added the server in the LDAP Module configuration. It passed the authentication Test for non-anonymous search using my LDAP account mentioned above. I can disable either of the servers from the Module settings, and authentication still takes place.
However, if either of the AD servers goes offline, Drupal's LDAP does not find the second server. The only way I can make it work is to go in to the LDAP settings and deactivate the server that went offline. According to documentation on http://drupal.org/node/118123, "the LDAP Servers will be consulted in the order they are listed. They are listed in the order they are created. Future releases will include an option to re-order them for authentication." This rollover doesn't seem to be happening, and I'm not sure where to go from here. Searched the issue queue but did not find this one.