Authentication fails when two AD servers are added and one is unavailable

  • Hello,

    We have multiple environments for our WordPress site, a dev, a staging and a production. The Active Directory server in dev environment is different from the Active Directory in the staging environment but they have the same active directory domain. Note that the dev AD server is not accessible from staging environment and vice versa. When I enter the dev AD server address in NADI configuration in the dev environment along with all the other required parameters and clicked “verify”, I get a success message. However, if I also add the staging environment server as a second domain controller, and click verify, the connection fails. Following is from the documentation at https://active-directory-wp.com/docs/Configuration/Environment.html:

    Multiple domain controllers can be defined by putting a single IP or DNS name in every input field.

    • Each IP must serve the same Active Directory domain.
    • Please note that the first domain controller is used by default. All other DCs are only used if ADI failed to connect or failed to authenticate the user to the previous one.
    • There is no real Round Robin implemented. All additional domain controllers are used as fallback only.

    As I see it, the second server should only be contacted if the first is not available but that doesn’t seem to be the case. I need to make sure that multiple server functionality works because we need to have failover support in the production environment so that if the primary AD server fails, the secondary will take over the authentication. Is what I have experienced a problem in the “verify” functionality only or will it be a problem in the actual authentication, too?

    Thanks

    • This topic was modified 6 years, 3 months ago by asif7861.
Viewing 3 replies - 1 through 3 (of 3 total)

  • Hello @asif7861,

    you can define have multiple domain controllers but NADI only supports one Active Directory server per site. So you domain controllers have to point to the same Active Directory.

    Best regards,
    medan123

    Thread Starter asif7861

    (@asif7861)

    Hi @medan123,

    Thanks for your reply. Both servers point to the same active directory but one of them is unavailable at the time I click verify. I get login failed message even though the primary server is available. If I remove the second server (the unavailable one) from the config, login succeeds.

    All the best,
    Asif

    Hello @asif7861,

    thank you for the information. I will take a look at it and try to reproduce the problem.

    Best regards,
    medan123

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Authentication fails when two AD servers are added and one is unavailable’ is closed to new replies.