Failover of Directory Servers

Installation et configuration de l'agent > Agent Windchill RV&S Security > Failover of Directory Servers

If you are using an LDAP-compliant security realm, the Agent Windchill RV&S supports the use of multiple directory servers to handle authentication when one server fails. The Agent Windchill RV&S uses the Domain Name Service (DNS) list to find all directory servers associated with the server host name and authenticates to the first server in the list that responds to the connection request. To minimize waiting time, the Agent Windchill RV&S maintains a pool of the directory servers that it has connected to.

If you are using failover, you should review the following cache settings in agent.properties:

java.security.property.networkaddress.cache.ttl
java.security.property.networkaddress.cache.negative.ttl

You should also review the time-out settings used by Agent Windchill RV&S when trying to connect to a directory server. These settings are specified in the security.properties file in the following properties:

Property	Description
ldap.connect.timeout	Number of seconds Agent Windchill RV&S waits when connecting to directory server before deciding it is not responding. Default is 5.
ldap.blacklist.timeout	Minimum number of seconds Agent Windchill RV&S waits before trying to reconnect to inactive directory server. Default is 300.
ldap.pool.timeout	Number of seconds active directory server connection remains in pool before removing its connection. Default is 60.
ldap.read.timeout	Number of seconds Windchill RV&S waits before getting data from LDAP. Default is 60.

Parent topic

Agent Windchill RV&S Security

Est-ce que cela a été utile ?