I don't have much experience with the LDAP integration but if those are completely separate Account Units, CP is not supposed to have a priority to query them as they should be used for completely different groups of users, so an authentication requirement from a user in group A should go to Account Unit A and the same thing for group B (Account Unit B).
If you have a single group of users attempting to log in using an account that could be in one of two LDAP servers (or both in case of replication), then you should use a single Account Unit with both servers in the pririty required. Maybe I'm just not understanding why you would have two different AUs if there should be an order to query them because both authenticate the same group of users, but then you could give us a little detail on what are you trying to achieve. Regards On 12/20/06, Markus Schmidt <[EMAIL PROTECTED]> wrote:
Hi there I have a Question about VPN1-NGX R61 and the LDAP Connection. In an LDAP Account Unit, I can define several Servers, and give them a priority, to say who's queried first. That's clear to me. But what do do if I have TWO LDAP Account Units, for complete different Domains? Each of these two Account Units contains one LDAP Server. If I give one a priority of 1, and a 5 to the second one, are they realy querried in that order? Anyone tried this out? -- http://schmidt.bs-server.com ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
-- Sergio Alvarez (506)8301342 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
