VMware vSphere

  • 1.  LDAP Authentication failover

    Posted Nov 20, 2024 03:07 PM

    Good day.

    vCenter version is 7U3a 

    We have identity source configured as Active Directory over LDAP.

    Both "Primary server URL" and "Secondary server URL" are configured.

    When the primary DC is not accessible or turned off, we cannot authenticate anymore using the secondary server. When the secondary is turned off, we can still authenticate.

    Testing setup:

    vCenter LDAP uses only DC1 - Everything works when DC1 is up

    vCenter LDAP uses only DC2 - Everything works when DC2 is up

    vCenter LDAP uses DC1 as a primary + DC2 as a secondary - Everything works when both are up

    vCenter LDAP uses DC1 as a primary + DC2 as a secondary - Nothing works when DC1 is down 

    The following entries are present in the log file: "[Can't contact LDAP server] therefore will try to attempt to use secondary URIs, if applicable"



  • 2.  RE: LDAP Authentication failover

    Posted Dec 09, 2024 12:24 PM

    @Alexander Noyanov,

    I would request you to go through the below article to see if everything is in place; if not, please make changes accordingly and recheck.

    https://knowledge.broadcom.com/external/article/373513/ad-authentication-in-vcenter.html



    ------------------------------
    If you find this answer right, please 'Recommend' this post.

    Thank you!

    Regards,
    Shen
    ------------------------------