Failover of Directory Servers
If you are using an LDAP-compliant security realm, the PTC RV&S Agent supports the use of multiple directory servers to handle authentication when one server fails. The PTC RV&S Agent uses the Domain Name Service (DNS) list to find all directory servers associated with the server host name and authenticates to the first server in the list that responds to the connection request. To minimize waiting time, the PTC RV&S Agent maintains a pool of the directory servers that it has connected to.
If you are using failover, you should review the following cache settings in agent.properties:
java.security.property.networkaddress.cache.ttl
java.security.property.networkaddress.cache.negative.ttl
You should also review the time-out settings that the PTC RV&S Agent uses when trying to connect to a directory server. These settings are specified in the security.properties file in the following properties:
| Property | Description |
|---|---|
| ldap.connect.timeout | Number of seconds the PTC RV&S Agent waits when connecting to a directory server before deciding that it is not responding. Default is 5. |
| ldap.blacklist.timeout | Minimum number of seconds the PTC RV&S Agent waits before trying to reconnect to an inactive directory server. Default is 300. |
| ldap.pool.timeout | Number of seconds an active directory server connection remains in the pool before its connection is removed. Default is 60. |
| ldap.read.timeout | Number of seconds PTC RV&S waits before getting data from LDAP. Default is 60. |
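
The following added example (not PTC code, and not taken from the product) is a simplified model of the failover behavior described above. It can be used to check that DNS returns every directory server you expect and to estimate how long a login can stall while unresponsive servers are tried. The function names, the host name ldap.example.com, and port 389 are assumptions; the two constants are the defaults listed on this page.

```python
import socket
import time

CONNECT_TIMEOUT = 5      # ldap.connect.timeout default from this page
BLACKLIST_TIMEOUT = 300  # ldap.blacklist.timeout default from this page


def resolve_all(host, port):
    """Return every distinct address DNS lists for host, in DNS order."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    seen = []
    for info in infos:
        addr = info[4][0]
        if addr not in seen:
            seen.append(addr)
    return seen


def tcp_connect(addr, port, timeout):
    """True if a TCP connection to addr:port opens within timeout seconds."""
    try:
        with socket.create_connection((addr, port), timeout=timeout):
            return True
    except OSError:
        return False


def pick_server(host, port, blacklist, now=None,
                resolve=resolve_all, connect=tcp_connect):
    """Try addresses in DNS order, skipping any that failed less than
    BLACKLIST_TIMEOUT seconds ago. Returns (address or None, upper bound
    in seconds spent waiting on servers that did not respond)."""
    now = time.time() if now is None else now
    waited = 0
    for addr in resolve(host, port):
        if now - blacklist.get(addr, float("-inf")) < BLACKLIST_TIMEOUT:
            continue                      # still treated as inactive
        if connect(addr, port, CONNECT_TIMEOUT):
            return addr, waited
        blacklist[addr] = now             # remember when it failed
        waited += CONNECT_TIMEOUT         # worst case per dead server
    return None, waited


if __name__ == "__main__":
    # ldap.example.com is a placeholder; use your directory host name.
    print(pick_server("ldap.example.com", 389, {}))
```

If the returned address list is shorter than expected, or stays stale after a DNS change, review the two networkaddress cache settings in agent.properties named above.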