Hi,
Running ZCM 11 with Satellite servers at remote sites.
I have setup Authentication as a role for a satellite and it is working.
My User Sources is pointing towards my Edir tree, and authenticates using a user object that exists on a partition local to the PRIMARY Servers.
I have added extra "connections" to this User Source for my Satellites that point towards the local NetWare server which has replicas of the users at that site. Naturally the satellites uses that connection.
Now comes the question:
Given my User Source "username and password" does NOT exist in the local partition on the site server - will this negate any performance increase ?
Basically is the Username specified in the User Source used by the Satellites when performing the Authentication Role ?
If so, is the LDAP connection kept open or cached so that future "local" ZCM User Authentications don't involve a tree walk across the WAN first to authenticate the User Source user ?
Can we specify a username per connection instead of per source so we can use a local user object ? (not visible or documented)
I really don't want to have a partition replicated to every site purely to hold this service account. :-)
Thoughts, ideas , Facts ?
Thanks in Advance,
Ian
Running ZCM 11 with Satellite servers at remote sites.
I have setup Authentication as a role for a satellite and it is working.
My User Sources is pointing towards my Edir tree, and authenticates using a user object that exists on a partition local to the PRIMARY Servers.
I have added extra "connections" to this User Source for my Satellites that point towards the local NetWare server which has replicas of the users at that site. Naturally the satellites uses that connection.
Now comes the question:
Given my User Source "username and password" does NOT exist in the local partition on the site server - will this negate any performance increase ?
Basically is the Username specified in the User Source used by the Satellites when performing the Authentication Role ?
If so, is the LDAP connection kept open or cached so that future "local" ZCM User Authentications don't involve a tree walk across the WAN first to authenticate the User Source user ?
Can we specify a username per connection instead of per source so we can use a local user object ? (not visible or documented)
I really don't want to have a partition replicated to every site purely to hold this service account. :-)
Thoughts, ideas , Facts ?
Thanks in Advance,
Ian