Forum Discussion
NimbostratusAPM AD Query fails when using pool
Hi, I need to use the AD Query function at the VPE. For that I created a ADserver object without admin username and password. (If you configure an admin uswername/pwd it fails quering).
Now the issue is that it works if I configure one Active Directory server by using the radio buttion "direct". But when I select a pool and configure several Active Directory servers for redundancy, it fails.
Looking at the log it says:
AD module: ldap_initialize() successful. URI:'ldap://127.7.0.5:389' AD module: Couldn't get ldapHostName for IP address 127.7.0.5. Falling back to reverse DNS record dependency on DNS for AD.
The 127.x.x.x IP addresses appear because you craft a pool. If you use the direct radio button, you will see the IP address of the Active Directory server and it is succcesful.
I am running 11.5.1.hf9.
I need some Active Directory server redundancy, so I was thinking to use a virtual server with loadbalancing across the Active Directory servers. However I get the same errors but then with the IP address of the virtual server.
3 Replies
EmBee_57573pool works via the production and direct runs via the management interface.... firewall was killing my connection
- EmBee_57573
Hi Greg, thanks for thinking with me, but NTP and DNS are configured correctly....:(
For LDAP queries you do not always need a administrative account. If I run the ldapsearch command on the BIG-IP it works perfectly....
Maybe DNS and NTP settings on BIG-IP were overlooked? I would verify NTP is configured and appropriate Domain Name Servers are configured on your BIG-IP. AD services often times require reverse lookup, verify the DNS's added have valid pointer records for your AD servers. You should also have an administrative account associated when performing AD queries as it is usually needed to perform AD query functions from the BIG-IP unless the domain has specifically been setup to allow anonymous connections.
