Can I use an external DNS alias for simple load balancing, so requests can be directed to ldap.<domainname>?
Yes, you can use an external DNS alias for simple load balancing to direct requests to ldap.<domainname>. Here’s how it works:
Without Encryption:
- Simply create a DNS alias.
- Add the IP addresses of your LDAP servers.
- This setup will work without any issues as long as encryption is not used.
With Encryption:
- If encryption is used, the certificates of the LDAP servers must contain the DNS alias name. We do not have an out-of-the-box solution for this in UCS.
- As the LDAP servers are usually extremely fast, it helps most customers if they configure LDAP failover directly: Fail-safe domain setup