Hi,
I need to configure a FSSO with a redundancy on LDAP servers, a second server of AD for Failover.
Thanks in advanced.
Hi,
how about to have one FSSO Collector agent installed on first DC, asking local LDAP. Plus second FSSO Collector on second DC also asking local LDAP. And then have those two Collectors in one FSSO Agent setting in FortiGate. So when one Collector became unreachable then second one will be used until it fails as well.
So when local LDAP on any of DCs fail, then local collector will fail most probably as well as DC will be in more serious troubles then Collector not running.
This is usual scenario for FSSO resilience.
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff
Try to open this link and follow instructions...
Yes, that is the "normal" working setup
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.