Testing a simulated external server failure - PingDirectory

Page created: 26 Jul 2021 |

Page updated: 14 Jan 2022

| 1 min read

9.0 Product PingDirectory Directory Capability Product documentation Content Type Administration User task Configuration System Administrator Administrator Audience IT Administrator Software Deployment Method

After you have tested connectivity, run a simulated failure of a load-balanced external server to verify that the Directory Proxy Server redirects LDAP requests appropriately.

To run a simulated external server failure:

Stop the ds-east-01.example.com:389 and ds-east-02.example.com:389 server instances and test searches through proxy-east-01.example.com.
Perform several searches against the Directory Proxy Server and verify activity in each of the servers in the east location, ds-east-01 and ds-east-02, by looking at the access logs.
The following simple search can be repeated as needed.
```
root@proxy-east-01: bin/ldapsearch --bindDN "cn=Directory Manager" \
--bindPassword password --baseDN "dc=example,dc=com" \
--searchScope base --useStartTLS "(objectclass=*)"
```
Stop the Directory Server instance on ds-east-01.example.com and ds-east-02.example.com using the stop-server command and immediately retry the searches in step 2.

There should be no errors or noticeable delay in processing the search.
```
root@proxy-east-01: bin/stop-server

root@proxy-east-01: bin/ldapsearch \ 
--bindDN "cn=Directory Manager" --bindPassword password \ 
--baseDN "dc=example,dc=com" --searchScope base --useStartTLS \ 
"(objectclass=*)" 
```
Check the access log to confirm that requests made to these servers are routed to the central servers because these servers are the first failover location in the failover list for the ds-east-01 and ds-east-02 servers.
Restart the Directory Server instance on ds-east-01.example.com and ds-east-02.example.com.
Check their access logs to ensure that traffic is redirected back from the failover servers.