Testing a simulated external server failure - PingDirectory

Page created: 15 Jul 2022 |

Page updated: 20 Jan 2023

| 1 min read

9.2 Product PingDirectory Product documentation Content Type Directory Capability IT Administrator Administrator Audience System Administrator Software Deployment Method Administration User task Configuration

After you have tested connectivity, run a simulated failure of a load-balanced external server to verify that the PingDirectoryProxy server redirects LDAP requests appropriately.

In this procedure, stop the ds-east-01.example.com:389 server instance and test searches through proxy-east-01.example.com.

Perform several searches against the PingDirectoryProxy server. Verify activity in each of the servers in the east location, ds-east-01 and ds-east-02, by looking at the access logs.

Because you used the default load balancing algorithm of fewest operations, it's likely that all of the searches go to only one of the proxies.
The following simple search can be repeated as needed.
```
root@proxy-east-01: bin/ldapsearch \ 
--bindDN "cn=Directory Manager" \
--bindPassword password --baseDN "dc=example,dc=com" \ 
--searchScope base --useStartTLS "(objectclass=*)"
```
Stop the directory server instance on ds-east-01.example.com using the stop-server command and immediately retry the searches in step 1.

Note:
There should be no errors or noticeable delay in processing the search.
```
root@ds-east-01: bin/stop-server

root@proxy-east-01: bin/ldapsearch \ 
--bindDN "cn=Directory Manager" \
--bindPassword password --baseDN "dc=example,dc=com" \ 
--searchScope base --useStartTLS "(objectclass=*)"
```
Restart the PingDirectoryProxy server instance on ds-east-01.example.com.
Check the access log to confirm that the PingDirectoryProxy server started to include the ds-east-01 server in load-balancing within 30 seconds.

The default time is 30 seconds, but you can change this default.