On Mon, 2007-03-19 at 08:11 -0600, David Boreham wrote:
Eddie C wrote:
I can not give an authoritative answer, but if your active
directory
is 2003 server your active directory itself is multimaster (
no
more
PDC and SDC ). It seems theorically possible to install active
directory sync on both nodes but leave it running only on one domain
controller. Something like this:
AD2 <-> AD1
|
LoadBalancer
|
FD2 <->FD1
This is a cool idea, but it may not work because FDS uses the
AD sync control to perform incremental inbound updates.
It's quite likely that the two AD servers would have different
states for the sync cookie. You could work around this
by initiating a full sync when failing over between ADs.
THanks for the comments so far, it appears that if I can mitigate the
risk, then I can just leave a single agreement in place between FDS and
AD.
The other question though, regarding one-way from AD to FDS - anyone got
any thoughts on that?
Cheers
Darren
This e-mail and any attachments may be confidential or legally
privileged.If you received this message in error or are not the intended
recipient, you should destroy the email message and any attachments or
copies, and you are prohibited from retaining, distributing, disclosing
or using any information contained herein. Please inform us of the
erroneous delivery by return e-mail. Thank you for your co-operation.
Mercer Human Resource Consulting Limited is authorised and regulated by
the Financial Services Authority. Registered in England No. 984275.
Registered Office: 1 Tower Place West, Tower Place, London, EC3R 5BU.