Changing the primary LDAP Server to redistribute the Server load

General Information

The default LDAP Server for Memberservers is the DC Master.
In large environments we recommend setting the primary LDAP Server of Memberservers to a different DC.
The primary LDAP Server is specified with the UCR variable ldap/server/name; further Servers can be specified via the UCR variable ldap/server/addition.

Changing the primary LDAP Server
A list of the DC Backups is available with the command:

ucr get ldap/backup

The command to change the primary LDAP Server to the first DC Backup in this list is:

ucr set --force ldap/server/name="$(ucr get ldap/backup | cut -d ' ' -f1)"

Using the --force flag is necessary since the LDAP directory policy cron job will overwrite the new setting otherwise.

Changing the fallback LDAP Servers

After you have changed ldap/server/name, the DC Master won't be used as the LDAP Server again.
We recommend appending its FQDN to the UCR variable ldap/server/addition so that it will be considered if the new primary LDAP Server is not available.

ucr set --force ldap/server/addition="$(ucr get ldap/server/addition) $(ucr get ldap/master)"
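
Both steps combined into one script, as an added example that is not part of the original article: it refuses to write an empty ldap/server/name when ldap/backup lists no DC Backup, and it keeps ldap/server/addition free of duplicates when the commands are run more than once. The function names and the example.test host names are assumptions made for this example; only ucr get and ucr set --force come from the article.

```shell
#!/bin/sh
# Added example (not from the original article). Host names are constructed.

# Print the first entry of a space-separated host list,
# e.g. the output of `ucr get ldap/backup`. Prints nothing for an empty list.
first_host() {
    set -- $1
    printf '%s' "${1:-}"
}

# merge_fallbacks CURRENT_ADDITION MASTER NEW_PRIMARY
# Append MASTER to the current fallback list, dropping duplicates and the
# host that is about to become the primary (a choice made in this example).
merge_fallbacks() {
    mf_result=""
    for mf_host in $1 $2; do
        if [ "$mf_host" = "$3" ]; then continue; fi
        case " $mf_result " in
            *" $mf_host "*) continue ;;
        esac
        mf_result="${mf_result:+$mf_result }$mf_host"
    done
    printf '%s' "$mf_result"
}

# Hypothetical wrapper: call it by hand on the Memberserver. It stops before
# any change is made when ldap/backup lists no DC Backup.
apply_ldap_redistribution() {
    new_primary=$(first_host "$(ucr get ldap/backup)")
    if [ -z "$new_primary" ]; then
        echo "ldap/backup is empty; ldap/server/name left unchanged" >&2
        return 1
    fi
    fallbacks=$(merge_fallbacks "$(ucr get ldap/server/addition)" \
        "$(ucr get ldap/master)" "$new_primary")
    ucr set --force ldap/server/name="$new_primary"
    ucr set --force ldap/server/addition="$fallbacks"
}

# Offline demonstration with constructed values; nothing is changed.
demo_primary=$(first_host "backup1.example.test backup2.example.test")
demo_fallbacks=$(merge_fallbacks "backup1.example.test backup2.example.test" \
    "master.example.test" "$demo_primary")
echo "ldap/server/name=$demo_primary"
echo "ldap/server/addition=$demo_fallbacks"
```

Running the script only prints the values computed for the constructed hosts; the UCR variables are written only when apply_ldap_redistribution is called explicitly.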