Multiple external LDAP servers for authentication - no failover

[su_A_ve]

We've been running ZCS for serveral years now and have configured zimbra for external authentication pointing to three ldap servers (all replicas).

However recently we had an issue where one of the replicas needed to be bounced and we lost complete access to zimbra for authentication (users would connect and connections would time out trying to authenticate). Upon getting the ldap server in question brought back online, we noticed that this server was the one listed first on the list of servers to do authentication.

Clearly, there is no failover happening. What's the purpose then for having multiple ldap servers or is failover not working? Is there a timeout value somewhere that would make it the server use the next in line?

TIA.

[bryandobson]

Have you heard back regarding this issue? I'm having the same problem in that we had our primary LDAP go out and the backup was just fine but everything stopped working.

It could be a timeout issue perhaps whereas it should fail over for any request as soon as it does not get a proper response.

[Canadianpj]

Just wanted to give this a bump to see if anyone had found a way to make this fail over faster? I had another incident where this working would have saved me a lot of grief.

[soba@ukw.edu.pl]

Configure DNS record (round robin) for multiple ldap query.

P.s
Zimbra can work with NSCD for caching ldap query.