Environment
Novell SecureLogin
NSL 7.x
SecureLogin installed in (any) LDAP mode
NSL 7.x
SecureLogin installed in (any) LDAP mode
Situation
How does Novell SecureLogin failover work?
How and when does NSL in LDAP mode attempt to connect to a different server?
How does SecureLogin use the Server History List?
How and when does NSL in LDAP mode attempt to connect to a different server?
How does SecureLogin use the Server History List?
Resolution
SecureLogin will attempt to authenticate in the order listed to the severs included in the Server History List described in section 1.2 of TID 3790292. The NSL LDAP Client will first attempt to authenticate with the server shown as the value for Server1. If Server 1 does not respond, SecureLogin will attempt to authenticate to the server shown as the value for Server 2. If the authentication to Server 2 fails, Server 3 will be tried, and so forth in sequence.
Additional Information
This procedure is followed during the
initial authentication only. The server History List is not used later
if a connection is lost. After SecureLogin has connected and the user
has authenticated to a particular server (hereinafter referred to as ServerA), that same
server (ServerA) is used for the remainder of the SecureLogin session
(i.e. until SecureLogin is restarted).
If the server to which SecureLogin connected (i.e. ServerA) goes down, SecureLogin will not attempt to attach to a different server. Instead, SecureLogin will go into “offline mode,†and will attempt to re-attach to ServerA at the cache refresh interval. If ServerA is available when a cache refresh is attempted, the NSL client will re-attach and go back into “online mode†with an attachment to ServerA. If ServerA is not available when the cache refresh is attempted SecureLogin will remain in “offline mode.†SecureLogin will try to reconnect to ServerA at each cache refresh interval, and if unsuccessful can potentially remain in “offline mode†for the remainder of the SecureLogin session until SecureLogin is restarted.
If the server to which SecureLogin connected (i.e. ServerA) goes down, SecureLogin will not attempt to attach to a different server. Instead, SecureLogin will go into “offline mode,†and will attempt to re-attach to ServerA at the cache refresh interval. If ServerA is available when a cache refresh is attempted, the NSL client will re-attach and go back into “online mode†with an attachment to ServerA. If ServerA is not available when the cache refresh is attempted SecureLogin will remain in “offline mode.†SecureLogin will try to reconnect to ServerA at each cache refresh interval, and if unsuccessful can potentially remain in “offline mode†for the remainder of the SecureLogin session until SecureLogin is restarted.