Slow External Authentication Plugin Failover
(Doc ID 414954.1)
Last updated on FEBRUARY 07, 2019
Applies to:Oracle Internet Directory - Version 126.96.36.199 and later
Information in this document applies to any platform.
Experiencing slow failover (more than 3 minutes) between External LDAP servers and OID/Database when using External Authentication Plugin, with OID 10.1.4 through 11g.
Using failover in external authentication is only recommended as a last resort. It depends on the TCP request to the first AD server returning an error, before it can try the second. In most networks the TCP timeout and retries will result in several seconds and sometimes minutes to detect the primary is down. This will impact every bind attempt. The proper and more effective solution is to use a virtual host and have a load balancer configured in front of the AD servers. (Please note that while this solution would work for External Authentication plugin, it does not work with DIP synchronization.)
The primary remote host, as defined in the External Authentication plugin, has gone down and is not accessible on the network.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document