Security Verify Access failover capability for LDAP servers

Security Verify Access failover capability for LDAP servers

When it starts, Security Verify Access connects to the LDAP master server indicated by the host key in the ldap.conf configuration file.
If the LDAP master server is down for any reason, the ISAM server must be able to connect to an available LDAP replica server for any read operations. For Security Verify Access, these types of servers are configured as readonly servers.
Many operations, especially those from regular users, are read operations. These include operations such as user authentication and sign-on to back-end junctioned web servers. After configuration, Security Verify Access fails over to a replica server when it cannot connect to the master server.
We can find the configuration parameters for LDAP failover in the [ldap] stanza of the ldap.conf configuration file. This configuration file is in one of the following operating system-specific locations:

On AIX, Linux, and Solaris operating systems

/opt/PolicyDirector/etc/ldap.conf

On Windows operating systems

install_path\etc\ldap.conf

Parent topic: LDAP failover configuration