Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
856
Views
0
Helpful
2
Replies

WSA active directory authentication with 3 servers

betcheverria
Level 1
Level 1

‎04-11-2012 07:30 AM

I would like to know hos NTLM authentication works when The NTLM REALM is cofigured with 3 servers.

  - Is the authentication load balanced on the 3 servers.or only on  one

  -If the authentication is rejected by the first server what happens ?

  -How WSA know that a server is down

Labels:
0 Helpful
2 Replies 2

Chris Illsley
Level 3
Level 3

‎04-11-2012 08:16 AM

Hi,

I don't know if it is load balanced, but my guess is probably not and it would try sequentially.

Assuming this is one realm, if the authentication is rejected it will be rejected, but you wouldn't expect different AD servers in the same realm to behave differently anyway.

See below from documentation:

"Note: When  multiple authentication servers are configured in the realm, the appliance  attempts to authorize with up to three authentication servers before failing to  authorize the transaction within this realm."

It's after this when you want to decide if the IronPort should fail open or fail closed.

Thanks

Chris

0 Helpful

betcheverria
Level 1
Level 1
In response to Chris Illsley

‎04-12-2012 03:14 AM

Bonjour,

Thanks for your help

Bernard

0 Helpful
Customers Also Viewed These Support Documents