Configuring AsyncOS to Work With Multiple LDAP Servers

When you configure an LDAP server profile, you can configure the Cisco Content Security appliance to connect to a list of multiple LDAP servers. If you use multiple LDAP servers, they need to contain the same information, have the same structure, and use the same authentication information. Third-party products exist that can consolidate the records.

You configure the Cisco Content Security appliance to connect to redundant LDAP servers to use the following features:

• Failover. If the Cisco Content Security appliance cannot connect to an LDAP server, it connects to the next server in the list.
• Load Balancing. The Cisco Content Security appliance distributes connections across the list of LDAP servers when it performs LDAP queries.

You can configure redundant LDAP servers on the Management Appliance > System Administration > LDAP page or by using the CLI ldapconfig command.