I'm programming something that interfaces with AD using C# and I'm using LDAP to connect to a random DC with my LB... but, occasionally the code's LDAP connection is unsuccessful. I've tested LDAP connections to each individual DC and can't replicate the intermittent issue that happens only when I use LDAP through the LB. Does anyone know if there is a way to request the identity of the DC that the LB has chosen to connect us to using C# -- or by way of the response from the LDAP connection request?
1 Answer
Pretty sure there is no method without a connection to the Loadbalancer which might provide that information.
There are many different configurations which could be used within the Loadbalancer.
However, once a connection is made to an LDAP server through the Loadbalancer, you can determine the server you are connected to. A process of elimination may be able to determine if it is a "bad" Domain controller.
Although most LDAP server implementations show a dsaName value in the rootDSE which indicates the Directory Server Agent to which you are connected, Microsoft Active Directory does NOT support this standard. However, the serverName attribute contains the distinguished name for the server object for this directory server in the configuration container.

Thank you for your response, JWilleke. I had tested my code with direct LDAP connections to each DC with 100% success. The issue seems to lie with our LB and we are now looking into a separate issue with it that arose over the weekend that is similar to what I was experiencing (that caused me to ask this question) a few days before. – J9Fackque Feb 27 '17 at 17:00
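
The rootDSE lookup and process of elimination described in the answer above, as an added example that is not part of the original answer or comments. It assumes System.DirectoryServices.Protocols, a hypothetical load-balancer name `ldap-lb.example.com`, a bind with the current Windows credentials, and it also reads the AD rootDSE attribute `dnsHostName`, which the answer does not mention.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices.Protocols;

static class DcBehindLoadBalancer
{
    // Hypothetical load-balancer name and port; replace with your own.
    const string LbHost = "ldap-lb.example.com";
    const int LbPort = 389;

    // Asks the server at the other end of THIS connection who it is.
    static string Identify(LdapConnection conn)
    {
        // Empty base DN + base scope = rootDSE.
        var request = new SearchRequest("", "(objectClass=*)", SearchScope.Base,
                                        "serverName", "dnsHostName");
        var response = (SearchResponse)conn.SendRequest(request);
        if (response.Entries.Count == 0)
            throw new InvalidOperationException("rootDSE returned no entry");
        SearchResultEntry root = response.Entries[0];
        return First(root, "dnsHostName") + " | " + First(root, "serverName");
    }

    static string First(SearchResultEntry entry, string name)
    {
        DirectoryAttribute attr = entry.Attributes[name];
        return attr != null && attr.Count > 0
            ? (string)attr.GetValues(typeof(string))[0] : "(not returned)";
    }

    static void Main()
    {
        var seen = new Dictionary<string, int>();   // DC identity -> successful sessions
        int failures = 0;
        for (int i = 0; i < 50; i++)                // new connection each time, so the LB picks again
        {
            try
            {
                using (var conn = new LdapConnection(new LdapDirectoryIdentifier(LbHost, LbPort)))
                {
                    conn.Timeout = TimeSpan.FromSeconds(10);
                    conn.Bind();                    // current Windows credentials (assumption)
                    string dc = Identify(conn);
                    seen[dc] = seen.TryGetValue(dc, out int n) ? n + 1 : 1;
                }
            }
            catch (DirectoryException ex)           // base of LdapException and DirectoryOperationException
            { failures++; Console.WriteLine($"{DateTime.UtcNow:o} attempt {i} failed: {ex.Message}"); }
        }
        foreach (var kv in seen) Console.WriteLine($"{kv.Value,3} ok  {kv.Key}");
        Console.WriteLine($"{failures} failed; compare the DCs listed above with the LB pool.");
    }
}
```

A failed attempt cannot name its DC, so the timestamps it prints are what to match against the load balancer's own logs.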