Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Mark Zawodny 9 posts 72 karma points
    Aug 29, 2013 @ 18:42
    Mark Zawodny
    0

    Multiple DCs configured, but no failover?

    I successfully set up this package and it's working great!  That is until one of our domain controllers went offline for maintenance.  We have two DCs and both were configured in web.config.  It looks like it is only looking for the first AD server entry and if that isn't available, instead of failing over to the next server, it doesn't authenticate.

    Here's the snippet from our web.config file:

    <ADSettings defaultUsername="" defaultPassword="">
        <ADSettings>
          <clear />
          <add server="192.168.1.6" domain="GCUMD" container="DC=GCUMD,DC=local" username="tivilon" password="######" />
          <add server="192.168.1.5" domain="GCUMD" container="DC=GCUMD,DC=local" username="tivilon" password="######" />
        </ADSettings>
    </ADSettings>

     

    Passwords have been changed to protect the innocent :-)

    We basiclly want to failover to the 192.168.1.5 server if 192.168.1.6 is unavailable (and vice versa).

    So is a failover not a feature of this package? Is there a better way of doing this?  I'm appreciative of any information you can help provide!

  • Kevin Jump 2342 posts 14889 karma points MVP 8x c-trib
    Aug 29, 2013 @ 19:00
    Kevin Jump
    0

    it wasn't really written with failover in mind it was more intended for multiple domains (we had lots of users across many domains logging onto the single site).

    It should in theory try each setting, but I suspect you are getting a timeout when it attempts to get to the dead server - in what way was it down (completely off - or responding badly?)

    Obviously you might not want to try it on your live site but setting putting ?umbdebugshowtrace=true on the url (i.e http://mysite/?umbdebugshowtrace=true ) will let you see the provider stepping through (it should log for each domain it encounters).

  • Mark Zawodny 9 posts 72 karma points
    Aug 29, 2013 @ 20:02
    Mark Zawodny
    0

    Hey Kevin,

    Thanks for the quick reply.  It was completely off when it wouldn't authenticate.

    It actually threw a .NET error:

    Server Error in '/' Application.

    --------------------------------------------------------------------------------

     

    The LDAP server is unavailable. 

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

     

    Exception Details: System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.

     

    Source Error: 

     

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.  

     

    Stack Trace: 

     

     

    [LdapException: The LDAP server is unavailable.]

       System.DirectoryServices.Protocols.LdapConnection.Connect() +163067

       System.DirectoryServices.Protocols.LdapConnection.SendRequestHelper(DirectoryRequest request, Int32& messageID) +760

       System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout) +108

       System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties) +489

     

    [PrincipalServerDownException: The server could not be contacted.]

       System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties) +522681

       System.DirectoryServices.AccountManagement.PrincipalContext.DoServerVerifyAndPropRetrieval() +103

       System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container, ContextOptions options, String userName, String password) +723

       System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container, String userName, String password) +102

       LDL.Web.Security.ActiveDirectory.ADRoleProvider.GetRolesForUser(String username) +1036

       System.Web.Security.RolePrincipal.GetRoles() +329

       System.Web.Security.Roles.GetRolesForUser(String username) +675

       umbraco.cms.businesslogic.web.Access.HasAccces(Int32 documentId, Object memberId) +126

       Umbraco.Web.Routing.PublishedContentRequestBuilder.EnsureNodeAccess() +603

       Umbraco.Web.Routing.PublishedContentRequestBuilder.LookupDocument2() +891

       Umbraco.Web.Routing.PublishedContentRequestBuilder.LookupDocument() +234

       Umbraco.Web.Routing.PublishedContentRequest.ProcessRequest(HttpContextBase httpContext, UmbracoContext umbracoContext, Action`1 onSuccess) +187

       System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +80

       System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +266

     

     Hope this helps better understand the issue. Let me know if you have any ideas!  Thanks so much for your help!

Please Sign in or register to post replies

Write your reply to:

Draft