-
Title
Directory Services - when is "Secondary LDAP server URL:" used? -
Description
I am configuring the Directory Services in Foglight so that my Active Directory accounts can login and administer Foglight 5.
Admin Console | Dashboards | Administration | Users & Security | Configure Directory ServicesWhen is the "Secondary LDAP server URL:" used?
-
Resolution
The secondary ldap server is for fault-tolerance purpose only (only if the FMS cannot find the LDAP primary server).
During the login, it only gets checked if there is no response from the primary ("Nearest") LDAP server.
However, it should also be mentioned that when configuring the Directory Services, an entry is required for the "Secondary LDAP server URL:".
If only one LDAP Server exists, use the same url for both the primary ("Nearest") and the Secondary LDAP server. -
Additional Information
NOTE: Connection refused is a vaild response from the Primary LDAP server. This error is a valid response from the LDAP Primary machine and the secondary LDAP will not be attempted To be contacted.
2011-11-17 00:00:00.512 WARN [RemoteAlarmAccessor-1-[local]-Time-3] com.quest.nitro.service.security.auth.spi.NitroExtendedLdapLoginModule - Error connecting to LDAP server: ldaps://host:636
javax.naming.CommunicationException: prdshcaldc01.sjrb.ad:636 [Root exception is java.net.ConnectException: Connection refused]
..
Caused by: java.net.ConnectException: Connection refused