Secondary lookup server support

Adaptive Server version 12.5.4 provides uninterrupted support to Adaptive Server clients authenticated by an LDAP server. You can now specify a secondary LDAP lookup server to fail over from a primary LDAP server in the event of the LDAP server failure or planned downtime.

The health of the URL set is monitored through the following states:

The following sequence of events describe the fail over and manual fail back:

  1. The primary and secondary URL sets are configured and in a READY state.

  2. The connections are authenticated using the primary server infrastructure.

  3. The primary server fails, and its state is changed to FAILED.

  4. Connections automatically begin authentication through the secondary server infrastructure.

  5. The primary server is repaired and brought back online by an LDAP administrator. The primary LDAP server state is changed by an Adaptive Server administrator to READY.

  6. New connections are authenticated using the primary server.

NoteOnce Adaptive Server has failed over to the secondary LDAP server, a database administrator must manually activate the primary LDAP server before it can be used again.

When Adaptive Server encounters errors connecting to an LDAP server, it retries the authentication three times. If the errors persist the LDAP server is marked as FAILED. See “Troubleshooting LDAP user authentication errors” for information on the LDAP errors which force Adaptive Server to get into a retry loop.

Adaptive Server version 12.5.4 introduces the following new sp_ldapadmin options to support secondary lookup LDAP servers:

Adaptive Server version 12.5.4 includes the following sp_ldapadmin option changes to support secondary servers.