What happens when we have an AD User Source and lose connection to the LDAP server during authentication? I see our AD users when I go to Security-User Sources-Manage Users on the gateway. Does Ignition use this list if it loses connection to the LDAP server?
We would like to use Active Directory for our User Source but are concerned that our multi-site system may have issues if connection is temporarily lost.
The authentication is handled by the LDAP server, and the group assignments are done via Ignition.
If you lose connection to the LDAP Server, then the login will most likely fail as I don't believe there is any caching of password etc.... If you need rock steady authentication, then you may need to get your IT group to deploy a redundant LDAP server so that there is always one up and then the authenticate doesn't fail.
2 Likes
All logins for that user source will fail; we have run into this. You could set up a failover source, or create a redundant one like bschroeder said, or do some combination of the two.
2 Likes