After configuring a Lightweight Directory Access Protocol (LDAP)
host for failover you should test the failover server by stopping the main
LDAP server.
Before you begin
This task assumes the following setup:
Deployment Manager is installed on the primary LDAP server running Application
Server version 6.0.2 or higher.
All other LDAP hosts are Active Directory machines with similar user registry
designs.
Atleast one of the other LDAP hosts has been configured for failover.
Procedure
Stop the Active Directory Server on the failover server.
Review the SystemOut.log file to see if the
LDAP failover happened. The sample text is an example of a SystemOut.log file
that records a successful failover:
[7/11/05 15:38:31:324 EDT] 0000000a LdapRegistryI A SECJ0418I:
Cannot connect to the LDAP server ldap://xxxx.xxxxx.xxxx.com:NNN. {primary LDAP server}
[7/11/05 15:38:32:486 EDT] 0000000a UserRegistryI A SECJ0136I:
Custom Registry:com.ibm.ws.security.registry.ldap.LdapRegistryImpl has been initialized
[7/11/05 15:38:53:787 EDT] 0000000a LdapRegistryI A SECJ0419I:
The user registry is currently connected to the LDAP server ldap://xxxx.xxxxx.xxxx.com:NNN. {failover LDAP server}
…
[7/11/05 15:39:35:667 EDT] 0000000a WsServerImpl A WSVR0001I: Server dmgr open for e-business
Log into the console to see working and non-working cases.
Start a browser.
Browse to http://localhost:9060/admin.
Type in your user ID and password and click OK.
Log out of the Administrative Console.
Type in DummyAdmin as the user ID and dummy1admin as
your password and click OK. This should fail proving
WebSphere® Application Server is connected to the other LDAP server. Please
make sure that on a production system the user registries are identical so
this problem does not happen when switching between LDAP servers.
Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.
This feature requires Internet access.
Most of the following links will take you to information that is not part of the formal product documentation and is provided "as is." Some of these links go to non-IBM Web sites and are provided for your convenience only and do not in any manner serve as an endorsement by IBM of those Web sites, the material thereon, or the owner thereof.
Last updated: Oct 21, 2010 7:37:48 AM CDT http://www14.software.ibm.com/webapp/wsbroker/redirect?version=v701sca&product=was-nd-mp&topic=tsec_test_LDAP_failover File name: tsec_test_LDAP_failover.html