I have an Openfire server currently configured to talk to Active Directory using a single A record which resolves to 4 domain controllers. When a connection is established, it would connect to one of the servers.
This setup has been working fine for us until today, when one of the domain controllers was having problems and was refusing connections. Rather than cycling through the three remaining servers like I expected, the server would just refuse to authenticate a user whenever the bad server came up first in the rotation.
I have two questions:
- Is there a better way to do what we're trying to do here? Our domain controllers are distributed in a number of locations, so a load balancer isn't really a good option, and we'd prefer not to just choose one or two of the DCs to bind to.
- When a DNS query for an A record returns 4 records, how difficult would it be for Openfire to add all 4 records as possible LDAP servers?
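The behaviour the second question asks for, resolving the name to every A record and trying each one before giving up, is small to express. The following Python is an added illustration written for this page; it is not Openfire's code and not the poster's. The hostname, the LDAP port 389, the two-second timeout and the `10.0.0.x` addresses in the comments are assumptions chosen for the example; the connector is injectable so the failover logic can be exercised without a live directory.

```python
import socket
from typing import Callable, List, Tuple

Target = Tuple[str, int]

# Port 389 (plain LDAP) and the 2 s timeout are assumptions for the example.
LDAP_PORT = 389
CONNECT_TIMEOUT = 2.0


def resolve_all(hostname: str, port: int = LDAP_PORT) -> List[Target]:
    """Return every address the name resolves to, in the order DNS returned
    them, deduplicated. A round-robin A record with four DCs yields four
    targets here instead of the single one a plain connect would use."""
    targets: List[Target] = []
    for _family, _type, _proto, _canon, sockaddr in socket.getaddrinfo(
        hostname, port, type=socket.SOCK_STREAM
    ):
        target = (sockaddr[0], port)
        if target not in targets:
            targets.append(target)
    return targets


def tcp_connect(target: Target, timeout: float) -> socket.socket:
    """Default connector: open a TCP socket to one (host, port)."""
    return socket.create_connection(target, timeout=timeout)


def connect_with_failover(
    targets: List[Target],
    connect: Callable[[Target, float], object] = tcp_connect,
    timeout: float = CONNECT_TIMEOUT,
):
    """Try each target in turn. Returns (target, connection, failures), where
    failures lists the targets skipped and why. Only when every target fails
    (refused, timed out, unreachable: all OSError) is an error raised, so one
    bad DC no longer blocks the bind when it happens to come first."""
    failures: List[Tuple[Target, str]] = []
    for target in targets:
        try:
            return target, connect(target, timeout), failures
        except OSError as exc:
            failures.append((target, str(exc)))
    raise ConnectionError(
        f"all {len(targets)} LDAP servers failed: {failures}"
    )


if __name__ == "__main__":
    # Hostname is an assumed placeholder; replace with the real A record.
    dcs = resolve_all("dc.example.com")
    chosen, conn, skipped = connect_with_failover(dcs)
    print("connected to", chosen, "after skipping", skipped)
    conn.close()
```

In practice the first successful TCP connect would be followed by the LDAP bind, and a bind failure on a half-broken DC should be treated the same way as a refused connection so the loop moves on to the next server.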