M
markvg60
hi, I'm trying to find a way to have domain controller:
1. stop taking new ldaps connections
2. get the active connections to disconnect and find another domain controller
2a. do these without notifying the client (Linux machines, binding their applications to AD) that the ldaps connection failed.
i know i could stop advertising dns for the domain controller, but our environment uses infoblox and i don't have access to it.
I'm hoping to find something that could be scripted and if scripted, scheduled so, we can reboot the domain controllers after patching, without affecting the Linux hosts bound to them.
i was looking around can see where i can stop the ldap connections, but the method sends a message back to the client telling them that ldap failed, which raises alerts and i get called in at all times of the day to tell them, they just need to restart their app or clear their dns cache.
has anyone heard of this process?
thanks
Continue reading...
1. stop taking new ldaps connections
2. get the active connections to disconnect and find another domain controller
2a. do these without notifying the client (Linux machines, binding their applications to AD) that the ldaps connection failed.
i know i could stop advertising dns for the domain controller, but our environment uses infoblox and i don't have access to it.
I'm hoping to find something that could be scripted and if scripted, scheduled so, we can reboot the domain controllers after patching, without affecting the Linux hosts bound to them.
i was looking around can see where i can stop the ldap connections, but the method sends a message back to the client telling them that ldap failed, which raises alerts and i get called in at all times of the day to tell them, they just need to restart their app or clear their dns cache.
has anyone heard of this process?
thanks
Continue reading...