After you have tested connectivity, run a simulated failure of a load-balanced external server to verify that the PingDirectoryProxy server redirects LDAP requests appropriately.
To run a simulated external server failure:
ds-east-02.example.com:389server instances and test searches through
Perform several searches against the PingDirectoryProxy
server and verify activity in each of the servers in the east location,
ds-east-02, by looking at the access logs.
The following simple search can be repeated as needed.
root@proxy-east-01: bin/ldapsearch --bindDN "cn=Directory Manager" \ --bindPassword password --baseDN "dc=example,dc=com" \ --searchScope base --useStartTLS "(objectclass=*)"
Stop the directory server instance on
ds-east-02.example.comusing the stop-server command and immediately retry the searches in step 2.
There should be no errors or noticeable delay in processing the search.
root@proxy-east-01: bin/stop-server root@proxy-east-01: bin/ldapsearch \ --bindDN "cn=Directory Manager" --bindPassword password \ --baseDN "dc=example,dc=com" --searchScope base --useStartTLS \ "(objectclass=*)"
Check the access log to confirm that requests made to these servers are routed to
the central servers because these servers are the first failover location in the
failover list for the
Restart the directory server instance on
- Check their access logs to ensure that traffic is redirected back from the failover servers.