You must configure one or more LDAP servers, in addition to an LDAP directory, when one or both of the following situations exist:
You want to configure a pool of LDAP servers to provide redundancy for LDAP authentication.
You want to provide GroupWise users in a remote location with a local LDAP server and directory replica to facilitate prompt LDAP authentication.
Add one of more LDAP servers to your GroupWise system, then configure a pool of LDAP servers for each post office.
To add an LDAP server to make your LDAP directory more accessible:
In the GroupWise Admin console, click , then click .
Ensure that you know the required information for the LDAP server that you want to set up for use with your LDAP directory.
Fill in the fields on thetab, then click the tab.
Select one or more post offices in thelist, then click the arrow button to move them into the list.
Clickto add the new LDAP server to your GroupWise system.
Clickto return to the main Admin console window.
Continue with Configuring a Pool of LDAP Servers.
When you configure multiple LDAP servers, all configured LDAP servers make up the initial LDAP server pool. By default, the POA can contact any server in the pool when authenticating a GroupWise user that belongs to a post office. This provides load balancing and fault tolerance because each LDAP server in the pool is contacted equally often by the POA.You might prefer that the POA for a post office first contact specific LDAP servers, contacting other servers in the pool only if none of the preferred LDAP servers are available.
In the GroupWise Admin console, ensure that you have more than one LDAP server set up for use with GroupWise.
Browse to and click the name of a post office, then click thetab.
Selectto activate the pool settings.
(Optional) Adjust the pool settings as needed for your network environment.
Select one or more LDAP servers in thelist, then click the arrow button to move them into the list.
Clickto save the security settings for the post office.
Corresponding Startup Switches: You can also use the ‑‑ldappoolresettime startup switch in the POA startup file to configure the timeout interval.
If the POA does not need to use an SSL connection to your LDAP servers, you can use the ‑‑ldapipaddr switch to list multiple LDAP servers. Then, if the primary LDAP server fails to respond, the POA tries the next LDAP server in the list, and so on until it is able to access the LDAP directory. This provides failover LDAP servers for the primary LDAP server but does not provide load balancing, because the primary LDAP server is always contacted first.
In the GroupWise Admin console, ensure you have provided the basic LDAP information on the Post Office object tab.
For background information, see Providing LDAP Authentication for GroupWise Users.
Edit the POA startup file (post_office.poa) with an ASCII text editor.
For more information about the POA startup file, see Section 20.0, Using POA Startup Switches.
Use the ‑‑ldapipaddr startup switch to list addresses for multiple LDAP servers. Use a space between addresses.
/ldapipaddr-172.16.5.18 172.16.15.19 172.16.5.20
IMPORTANT:Do not include any LDAP servers that require an SSL connection. There is currently no way to specify multiple SSL key files unless you are using pooled LDAP servers. For more information, see Configuring a Pool of LDAP Servers.
Save the POA startup file, then exit the text editor.
Stop the POA, then start the POA so that it reads the updated startup file.