Slow External Authentication Plugin Failover (Doc ID 414954.1)

Last updated on AUGUST 30, 2023

Applies to:

Oracle Internet Directory - Version 11.1.0.6 and later
Information in this document applies to any platform.

Symptoms

Experiencing slow failover (more than 3 minutes) between External LDAP servers and OID/Database when using External Authentication Plugin, with OID 10.1.4 through 11g.

Using failover in external authentication is only recommended as a last resort. It depends on the TCP request to the first AD server returning an error, before it can try the second. In most networks the TCP timeout and retries will result in several seconds and sometimes minutes to detect the primary is down. This will impact every bind attempt. The proper and more effective solution is to use a virtual host and have a load balancer configured in front of the AD servers. (Please note that while this solution would work for External Authentication plugin, it does not work with DIP synchronization.)

Changes

The primary remote host, as defined in the External Authentication plugin, has gone down and is not accessible on the network.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Slow External Authentication Plugin Failover (Doc ID 414954.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!