I was just wondering how domain controller redundancy works in Check Point policy. You create an LDAP Account Unit for a domain and add in your 2 LDAP server objects (domain controllers).
Then on the "Objects Management" tab you can only choose 1 of these 2 servers.
Today the cert on irbdc04 changed, which meant LDAPS queries stopped working until the fingerprint was fetched. The customer asked us, "Why didn't the other domain controller take over serving authentication queries?"
So I'm wondering: even though I have 2 servers defined in the LDAP Account Unit, but only 1 defined on the Objects Management tab, does this mean that if irbdc04 is not working there is no LDAP server redundancy? At what point will phdc03 take over serving requests?
Thanks in advance