After verifying that the SRV RR service name for the GC can find the GC servers for a site, configure the LdapServerName property with the SRV RR service name for the site, for example:
<Mechanism Name="ldap"> <MechanismProperties MechanismEnabled="yes" AuthorizationSupported="no" ... LdapClientMechanism="simple" LdapServerName="_ldap._tcp.SantaDominDiv._sites.rootdomain.com" ... /> </Mechanism>
You can configure other properties for the LDAP mechanism, if needed. For instructions, see Changing the TDGSS Configuration.
Configuration Option | Description |
---|---|
<Mechanism Name="ldap"> | Site awareness requires directory authentication of the user, using the LDAP mechanism. |
MechanismEnabled="yes" | The LDAP mechanism must be enabled. |
AuthorizationSupported="no" | Site awareness functions whether or not the directory authorizes the user. |
LdapClientMechanism="simple" | The example is for a system using simple binding. |
LdapServerName="_ldap._tcp.SantaDominDiv._sites.rootdomain.com" | This setting requires a DNS SRV RR formatted site name, which identifies the local GC directories available to authenticate the user. |
When you configure the LdapServerName property for GC site awareness, LDAP selects a directory at random from among the available GC directories for the site.