I have setup JIRA to work with our Active Directory. Is there a way to specify a failover node so that if the primary active directory server is done, it can authnenticate using a second server?
We looked into this today actually. It turns out that it´s not much into actually fixing the issue. A colleague of mine posted a suggestion to Atlassian on this 7 year old case:
Internally we simply use a two linux servers and put a virtual IP them using keepalived.
On top of that we have haproxy which handles the load balancing and forwarding back to the AD-servers.
I love Atlassian but they certainly seem to resist any sort of tight integration with Windows environments - everything else in our stack allows for us to specify multiple LDAP servers for failover - which is how Active Directory is supposed to work. I did a little searching around, and it seems like putting Active Directory nodes behind a load balancer / virtual IP is not a standard way of doing this (See https://social.technet.microsoft.com/wiki/contents/articles/33547.load-balancers-and-active-directory.aspx) - I would imagine that it may cause some unexpected behavior.
I guess, for now, we'll have to have our Atlassian products authenticate against a single node...
I agree, but it's more a case that Microsoft resist doing things in a way that the large majority of other systems are doing things. More and more, we're seeing services making the assumption that "when I connect to X, it's there, and I don't need to round-robin/check-others etc, because X will handle redundancy for me"
Putting AD behind a balancer/virtual IP is indeed not a standard thing to do, but in the wider world, putting your directory services (and other things) is. AD re-invents yet another wheel in that way that it suggests doing redundancy.
Hi there! Shannon from Statuspage here. 👋 With Cyber Monday quickly approaching, we're looking to hear from Atlassian customers – specifically from teams who touch incident response li...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs