The default LDAP Server for Memberservers is the DC Master.
In large environments we recommend setting the primary LDAP Server of Memberservers to a different DC.
The primary LDAP Server used is specified with the UCR variable
ldap/server/name; further Servers can be specified via the UCR variable
Changing the primary LDAP Server
A list of the DC Backups is available with the command
ucr get ldap/backup
The command to change the primary LDAP Server to the first DC Backup in this list is:
ucr set --force ldap/server/name="$(ucr get ldap/backup | cut -d ' ' -f1)"
The --force flag is necessary because the LDAP directory policy cron job would otherwise overwrite the new setting.
Changing the fallback LDAP Servers
After you have changed ldap/server/name, the DC Master won’t be used as the LDAP Server again.
We recommend appending its FQDN to the UCR variable ldap/server/addition so that it will be considered if the new primary LDAP Server is not available.
ucr set --force ldap/server/addition="$(ucr get ldap/server/addition) $(ucr get ldap/master)"
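Both steps above combined into one script, as an added example that is not part of the original article or Univention's own code. It refuses to write an empty ldap/server/name when ldap/backup is empty, and it keeps ldap/server/addition free of duplicates and of the new primary when run more than once. The function names and the --apply switch are hypothetical; only the ucr calls and the UCR variable names come from the article.

```sh
#!/bin/sh
# Added example (not Univention's code). Function names are hypothetical;
# only the ucr calls and UCR variable names come from the article.

# Print the first entry of a space-separated ldap/backup value.
# Returns non-zero if the list is empty, so an empty name is never written.
pick_primary() {
    set -- $1
    [ -n "${1:-}" ] || return 1
    printf '%s\n' "$1"
}

# Build the new ldap/server/addition value:
#   $1 = current ldap/server/addition, $2 = DC Master FQDN, $3 = new primary
# Keeps the existing order, appends the master, drops duplicates and the primary.
build_fallback() {
    out=""
    for host in $1 $2; do
        [ "$host" = "$3" ] && continue
        case " $out " in *" $host "*) continue ;; esac
        out="${out:+$out }$host"
    done
    printf '%s\n' "$out"
}

# Apply both changes with the commands from the article.
apply_ldap_servers() {
    primary=$(pick_primary "$(ucr get ldap/backup)") || {
        echo "ldap/backup is empty; leaving ldap/server/name unchanged" >&2
        return 1
    }
    fallback=$(build_fallback "$(ucr get ldap/server/addition)" \
                              "$(ucr get ldap/master)" "$primary")
    ucr set --force ldap/server/name="$primary"
    ucr set --force ldap/server/addition="$fallback"
}

# Only touch the system when explicitly asked to and ucr is present.
if [ "${1:-}" = "--apply" ] && command -v ucr >/dev/null 2>&1; then
    apply_ldap_servers
fi
```

Run it with --apply on the Memberserver; without that argument it only defines the functions.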