PingDirectory

Testing a simulated external server failure

After you have tested connectivity, run a simulated failure of a load-balanced external server to verify that the PingDirectoryProxy server redirects LDAP requests appropriately.

About this task

To run a simulated external server failure:

Steps

  1. Stop the ds-east-01.example.com:389 and ds-east-02.example.com:389 server instances and test searches through proxy-east-01.example.com.

  2. Perform several searches against the PingDirectoryProxy server and verify activity in each of the servers in the east location, ds-east-01 and ds-east-02, by looking at the access logs.

    Example:

    The following simple search can be repeated as needed.

    root@proxy-east-01: bin/ldapsearch --bindDN "cn=Directory Manager" \
    --bindPassword password --baseDN "dc=example,dc=com" \
    --searchScope base --useStartTLS "(objectclass=*)"
  3. Stop the directory server instance on ds-east-01.example.com and ds-east-02.example.com using the stop-server command and immediately retry the searches in step 2.

    There should be no errors or noticeable delay in processing the search.

    Example:

    root@proxy-east-01: bin/stop-server
    
    root@proxy-east-01: bin/ldapsearch \
     --bindDN "cn=Directory Manager" --bindPassword password \
     --baseDN "dc=example,dc=com" --searchScope base \
     --useStartTLS "(objectclass=*)"
  4. Check the access log to confirm that requests made to these servers are routed to the central servers because these servers are the first failover location in the failover list for the ds-east-01 and ds-east-02 servers.

  5. Restart the directory server instance on ds-east-01.example.com and ds-east-02.example.com.

  6. Check their access logs to ensure that traffic is redirected back from the failover servers.