
AD authentication against primary and secondary server

Posted: Wed Jan 16, 2008 3:55 pm
by bbryan
We are currently authenticating against our primary AD server. I want to set Scalix to authenticate against both the primary and secondary in case one goes down. Has anyone done this? Is it simply a matter of generating the keytab for the secondary server and running ommergekeys and omkrbconf again?

Thanks.
Ben

Posted: Thu Jan 17, 2008 3:37 am
by Valerion
From what I could see from traffic a DNS lookup gets done for the KDC even when one is specified in krb5.conf. So I think it will fall back automatically. But I am not 100% sure - you will have to test this, maybe.

Posted: Thu Jan 17, 2008 1:45 pm
by bbryan
We recently took the primary AD server down for maintenance and everyone lost email until we were able to bring it back up because they couldn't authenticate.

By primary and secondary AD servers I mean we have one at server1.domain.local and another at server2.domain.local. I want to configure Scalix to fall back to server2 if server1 is down.

Thanks.

Posted: Mon Jan 21, 2008 3:18 am
by Valerion
Mmm ... in that case I can't help you. Maybe someone else with more AD experience can comment on this? Alternatively you will have to ask Scalix Support for a solution.

Posted: Mon Jan 21, 2008 5:48 am
by mhoroschun
bbryan wrote: We recently took the primary AD server down for maintenance and everyone lost email until we were able to bring it back up because they couldn't authenticate.

By primary and secondary AD servers I mean we have one at server1.domain.local and another at server2.domain.local. I want to configure Scalix to fall back to server2 if server1 is down.

Thanks.


Do you have both KDCs specified in /etc/krb5.conf? I'm pretty confident that that is all that is required. e.g.

Code:

[libdefaults]
  default_realm = DOMAIN.LOCAL

[realms]
 DOMAIN.LOCAL = {
  kdc = server2.domain.local:88
  kdc = server1.domain.local:88
  admin_server = server2.domain.local:749
  default_domain = domain.local
 }
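
A check for the configuration suggested above, as an added example that is not part of the original post or of Scalix's own tooling: it parses the [realms] section of a krb5.conf and reports any realm that lists fewer than two kdc entries. The sample text and the EXAMPLE.TEST realm are constructed for illustration.

```python
# Constructed sample: the [realms] block from the post above, plus a
# hypothetical EXAMPLE.TEST realm with one KDC to show the failing case.
SAMPLE = """\
[realms]
 DOMAIN.LOCAL = {
  kdc = server2.domain.local:88
  kdc = server1.domain.local:88
  admin_server = server2.domain.local:749
 }
 EXAMPLE.TEST = {
  kdc = dc1.example.test
 }
"""

def kdcs_by_realm(text):
    """Return {realm: [(host, port), ...]} from the [realms] section."""
    realms, section, realm, depth = {}, None, None, 0
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and depth == 0:
            section = line.strip("[]").lower()
        elif section != "realms":
            continue
        elif line.endswith("{"):
            depth += 1
            if depth == 1:  # realm header; deeper braces are sub-blocks
                realm = line.split("=")[0].strip()
                realms[realm] = []
        elif line.startswith("}"):
            depth -= 1
        elif depth == 1:
            key, _, value = line.partition("=")
            if key.strip() == "kdc":  # host or host:port (no IPv6 literals)
                host, _, port = value.strip().partition(":")
                realms[realm].append((host, int(port or 88)))
    return realms

def single_kdc_realms(realms):
    """Realms listing fewer than two KDCs have no failover target."""
    return sorted(r for r, kdcs in realms.items() if len(kdcs) < 2)

if __name__ == "__main__":
    import sys
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for realm, kdcs in kdcs_by_realm(text).items():
        print(realm, kdcs, "NO FAILOVER" if len(kdcs) < 2 else "ok")
```

Run it with the path to the real file (for example /etc/krb5.conf) as the only argument; with no argument it uses the constructed sample.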

Posted: Thu Jan 24, 2008 8:59 am
by lordzik
Hi,
could you please point me to documents you've used to configure authentication against AD?

Thanx in advance.

Posted: Thu Jan 24, 2008 5:38 pm
by bbryan
lordzik wrote: Hi,
could you please point me to documents you've used to configure authentication against AD?

Thanx in advance.


Scalix Setup Guide, look under Authentication.

Posted: Fri Jan 25, 2008 5:15 am
by lordzik
Thank you - I've already found it and integrated Scalix with AD.

There's also a great video tutorial:
http://www.netometer.com/video/indexkey ... /index.php