30.6 Providing LDAP Load Balancing and Fault Tolerance

If you have multiple LDAP servers for access to your user source (directory), you can configure your ZENworks Servers to recognize each of the LDAP servers. This provides both load balancing and fault tolerance.

For example, if you have multiple ZENworks Servers, you can configure each one to access the user source through a different LDAP server. This distributes the workload more evenly among the LDAP servers.

Likewise, for each ZENworks Server, you can list multiple LDAP servers through which it can connect to the user source. If one of the LDAP servers becomes unavailable, the ZENworks Server uses another LDAP server.

In versions prior to ZENworks Configuration Management SP3, you need to specify the additional LDAP servers for a ZENworks Server in the alt-servers.properties configuration file located in the following directory on the ZENworks Server:

However, in ZENworks 10 Configuration Management SP3 (10.3), you can specify additional LDAP servers by using ZENworks Control Center or the zman command line utility.

If you upgrade from Novell ZENworks 10 Configuration Management 10.2.x to ZENworks 10 Configuration Management SP3 (10.3), you need to manually redefine the existing additional LDAP servers specified in the alt-servers.properties file. For more information on how to add or redefine the additional LDAP servers for the ZENworks Server, see the following sections:

30.6.1 Using ZENworks Control Center to Define Additional LDAP Servers for a ZENworks Server

  1. In ZENworks Control Center, click the Configuration tab, then click a user source in the User Sources panel.

  2. In the Connections panel, click Add to launch the Create New Connection Wizard.

  3. Fill in the fields:

    Connection Name: Specify a descriptive name for the connection to the LDAP directory.

    Address: Specify the IP address or DNS hostname of the server where the LDAP directory resides.

    Port: This field defaults to the standard SSL port (636) or non-SSL port (389), depending on whether the user source uses SSL. If your LDAP server is listening on a different port, select that port number.

    Add Connection to all Primary Servers: Adds the connection you are creating to all ZENworks Primary Servers in the Management Zone.

  4. (Conditional) If the user source uses the Secure Socket Layer (SSL) protocol, click Next to display the Certificate page, ensure that the certificate is correct, then click Next to advance to the Summary page.


    If the user source does not use SSL, click Next to advance to the Summary page.

  5. Review the information and, if necessary, use the Back button to make changes to the information, then click Finish.

30.6.2 Using the zman Command Line Utility to Define Additional LDAP Servers for a ZENworks Server

To define additional LDAP servers for a ZENworks Server, run the user-source-add-connection (usac) command on the server. For more information on using the zman command, see User Commands in the ZENworks 10 Configuration Management Command Line Utilities Reference.