Description of problem: How can we determine what domain controller is currently being used for Active Directory Authentication and other AD requests? We will be implementing the multiple Domain Controller This capability will be required in order to troubleshoot possible future AD authentication issues. Addition we would like to know what the Failover mechanism is? For example: If we have 3 domain controllers listed how does rhevm determine which AD controller is used to service requests and what is the critera that us used to failover to the next one. Version-Release number of selected component (if applicable): N/A How reproducible: N/A Additional info: The only way to get an idea of this information is the following: Do a service record lookup... # dig -t SRV _ldap._tcp.yourdomain.com
in 3.5 using the new LDAP provider ovirt-engine-extension-aaa-ldap[1][2], there are several policies (serverset) to access domain. the recommendation for active directory is to use DNS SRVRecord, which will select the server with the higher priority and refresh every interval. you can select other policies if you like. enabling debug at level ALL will also enable you to see what ip address is being accessed. [1] http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD [2] http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README.profile;hb=HEAD