Hello,
We are about to go live with a large portal, using three LDAPs, for several companies. Each LDAP has diferent users. Two of these LDAPs are stored far away from the portal server and, therefore, network problems might occur. Single Sign On is done via Kerberos. No LDAP secondary/mirrowing servers. See bellow.
We are wondering what will be the portal behavehour, in the event that one of these LDAPs becomes temporarily inaccessible? Will the overall portal forbid general login for all the users on the other LDAPs, or just for those users registered in this missing LDAP?
In both cases, what is the mechanism that the portal will use to
identify that a LDAP is missing? There should be a timeout and/or a number of retries, before a LDAP is put offline. Do you know these timeout values?
PS. In these cases, there should be secondary LDAPs mirrowing the primary ones, to prevent the error situation I described above. This is not possible in this environement and the risk has been taken by the customer. Still, we will need to explain the behaveour in such cases.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.