Client-side external directory failover - SSO
- ubisebastian
For client side failover, specify all of the clustered LDAP nodes as a list of whitespace separated values in the com.ubisecure.util.ldap.server.list.
Always use the hostname shown in java.naming.provider.url in the user interface of Ubisecure Management. All queries using the address in java.naming.provider.url will be directed to the fastest responding host listed in com.ubisecure.util.ldap.server.list.
|
|---|
Figure 1. Client-side failover settings with Active Directory schema |
java.naming.factory.initial = com.ubisecure.util.ldap.jldap.JLDAP java.naming.provider.url = ldaps://pdc.example.com/dc=example,dc=com com.ubisecure.util.ldap.server.list = ldaps://node2.example.com/ ldaps://node1.example.com/ java.naming.security.authentication = simple java.naming.security.principal = cn=UbiUser,dc=example,dc=com java.naming.security.credentials = secret java.naming.security.protocol = ssl
The example above has two LDAP nodes ldaps://node2.example.com/ and ldaps://node1.example.com/, however the address ldaps://pdc.example.com/ is used to represent them both in the user interface of Ubisecure Management.
This web page (including any attachments) may contain confidential, proprietary, or privileged information – not for disclosure without authorization from Ubisecure Inc. Copyright © 2024. All Rights Reserved.