I am using an AD/Internal Hybrid user source. In the event Active Directory becomes temporarily unreachable (e.g. network outage), what is the best way for users to continue to login?
I was hoping credentials could be stored in cache (Cache Validation Timeout > 0) or the internal database (Populate Users On-Demand = true), but this does not seem to be the case. As far as I can tell, my best option is to set the Failover Source to an Internal user source with a backup user in it. I then give my users the credentials for the backup user in the event AD is unreachable.
I don't know anything about the cache but I highly recommend that you use a soft failover to the default user source and leave the administrator user (or another) that can be used if the AD user source fails. The administrator password should, of course, be kept secret.
Config | Security | Users, Roles | Edit …
Failover Source = default.
Failover Mode = soft.
You could do that, creating a set of emergency users - one per role, perhaps. The problem here is that those logins will let anyone with the password in at any time unless you enable / disable them on the gateway.
Consider using soft failover and always having production personnel use non-AD credentials.
Um, why? Using AD has the big advantage of chucking the user maintenance to the IT/HR departments. What problem does your reccomendation solve?
Network failures between production LAN and datacenter.
If you arrange to provide all resources on your LAN, you can maintain production in the face of IT failures. That, and you can confine your Production LAN's security boundary more completely.
Straight out of the US-CERT cyber-security recommendations. (Database should also be in the production LAN, not in a DMZ.)
So you lose SSO / common passwords?
Thanks for the feedback. I appreciate it.