Netscaler 10.5 How to create load-balanced LDAP

For Applications that rely on LDAP for authentication(NetScaler Gateway) it is very usefull to load balance it.

In this example i will create a LB LDAP server on port 389. Please follow the screenshots. Everything to configure is marked yellow.

Note: Load balance secure LDAP is also possible. At the end of this article i will give an idea how to configure this.

1. Create  LDAP authentication – Server

LDAP1

 

LDAP2

2. Create  LDAP authentication -Policy

LDAP3

 

LDAP4

3. Add your ldap servers(example is MS Active Directory LDAP server)

LDAP5

4. Create a LDAP monitor.

LDAP6

 

LDAP7

5. Fill in your LDAP parameters. This is used for connecting the LDAP server and to check if it up and running.

LDAP8

 

LDAP9

6. Add a service group. after that add members and monitor.

LDAP10

 

LDAP11

 

LDAP12

 

LDAP13

 

LDAP14

 

LDAP15

 

LDAP16

 

LDAP17

 

LDAP18

 

LDAP19

7. Create a Load Balanced Virtual Server.

LDAP20

 

LDAP21

8. Click continue. More options are available to configure now. Select ServiceGroup. Add the serviceGroup

 

 

LDAP23

 

LDAP24

9. You have a working Load Balanced LDAP server!

LDAP25

 

Bonus :O Bonus 🙂

For Active Directory password changes to work and for security you need Secure LDAP. information for configuring:

– SLDAP is port: 636

– Instead of TCP protocol select SSL-TCP

– You need a server certificate at the LB virtual server.

– make a custom LDAP monitor script. Follow this article

 

 

 

 

 

Advertisements

2 thoughts on “Netscaler 10.5 How to create load-balanced LDAP

  1. Pingback: Citrix NetScaler LDAP Monitor | Dave's Weblog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s