How To
ForgeRock Identity Platform
Does not apply to Identity Cloud

How do I configure the LDAP connector in IDM (All versions) for LDAP failover?

Last updated Jul 13, 2021

The purpose of this article is to provide information on configuring the LDAP connector in IDM for LDAP failover, when DS is being used as your LDAP servers. This article assumes replication is enabled on your DS servers.


2 readers recommend this article

Overview

You can configure the LDAP connector for failover in your provisioner configuration file (for example, provisioner.openicf-ldap.json), which is located in the /path/to/idm/conf directory. This allows you to specify a primary DS server and alternative secondary DS servers. When failover is configured: if IDM cannot connect to the primary DS server, it will attempt to connect to one of the secondary DS servers (in the order they are specified) until a connection is successful. If the primary server subsequently becomes available again, IDM will re-connect to the primary server.

Note

This article does not apply to failover of the DS repository just the LDAP connector. If you are using DS as an external repository, see Configure Two DS Repositories in an Active/Passive Deployment for further information.

Configuring the LDAP connector for failover

To configure the LDAP connector for failover:

  1. Set the host and port properties in your provisioner configuration file to point to the primary DS server, for example: "configurationProperties" : {    "host" : "ds1.example.com",     "port" : 1389,
  2. Set the failover property in your provisioner configuration file to point to one or more secondary DS servers by specifying the full LDAP URLs, for example: "failover" : [    "ldap://ds1.example.com:18080",     "ldap://ds2.example.com:28080" ],

See Also

Best practice for LiveSync in IDM (All versions) with multiple DS instances

LDAP Connector

Related Training

N/A

Related Issue Tracker IDs

N/A


Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.