Page created: 26 Jul 2021
|
Page updated: 18 Jul 2023
| 1 min read
9.0 Product PingDirectory Directory Capability Product documentation Content Type Administration User task Configuration System Administrator Administrator Audience IT Administrator Software Deployment Method PingDirectoryProxy
After you have tested connectivity, run a simulated failure of a load-balanced external server to verify that the Directory Proxy Server redirects LDAP requests appropriately.
To run a simulated external server failure:
-
Stop the
ds-east-01.example.com:389
andds-east-02.example.com:389
server instances and test searches throughproxy-east-01.example.com
. -
Perform several searches against the Directory Proxy Server and
verify activity in each of the servers in the east location,
ds-east-01
andds-east-02
, by looking at the access logs.The following simple search can be repeated as needed.
root@proxy-east-01: bin/ldapsearch --bindDN "cn=Directory Manager" \ --bindPassword password --baseDN "dc=example,dc=com" \ --searchScope base --useStartTLS "(objectclass=*)"
-
Stop the Directory Server instance on
ds-east-01.example.com
andds-east-02.example.com
using the stop-server command and immediately retry the searches in step 2.There should be no errors or noticeable delay in processing the search.
root@proxy-east-01: bin/stop-server root@proxy-east-01: bin/ldapsearch \ --bindDN "cn=Directory Manager" --bindPassword password \ --baseDN "dc=example,dc=com" --searchScope base --useStartTLS \ "(objectclass=*)"
-
Check the access log to confirm that requests made to these servers are routed to
the central servers because these servers are the first failover location in the
failover list for the
ds-east-01
andds-east-02
servers. -
Restart the Directory Server instance on
ds-east-01.example.com
andds-east-02.example.com
. - Check their access logs to ensure that traffic is redirected back from the failover servers.