Load Balancing Active Directory

0

Configuration has yet to be fully verified, Kemp Support will gladly assist if your AD traffic is not flowing as expected.

 

1   Introduction

Active Directory (AD) is a directory Services that Microsoft developed for Windows Domain networks. It is included in most Windows Server Operating System as a set of processes and services. 

 

1.1  Document Purpose

This section details a configuration for a specific application that has been provided by a customer but has yet to be fully tested

This specific configuration will ensure that your AD servers are highly-available, scalable, and secure.

Configuration has yet to be fully verified, Kemp Support will gladly assist if your AD traffic is not flowing as expected.

 

2     Configuration 

 As transparency must be enabled for L4 services the default gateway of the AD servers must be pointed to the LM.

  • The host file must be altered on the servers in the DMZ to point to the VIP IP for the AD servername
  • The DNS service must be on the AD server and be specified as the preferred DNS server for the servers in the DMZ.
  • Subnet Originating Requests must be enabled

 

2.1  Global Configuration

       No Changes Required

 

2.2  Virtual Service Configuration

 Four Virtual Services will be required. 

1. LDAP UDP L4 service on port 389 UDP

2. LDAP TCP L7 service on port 389 TCP

3. DNS UDP L4 service on port 53 UDP

4. DNS TCP L7 service on port 53 TCP

 

 

2.3   LDAP UDP Virtual Service

 > New Virtual Service

 > Enter IP Address

 > Port = 389

 > Name = LDAP UDP

 > Protocol = UDP

LDAP_UDP.png

2.4    Standard Options   

      > Force Layer 4 = Enabled

      >  Persistence = None

      > Scheduling Method = Round Robin

LDAP_UDP_settings.png

 

 

3.0   LDAP TCP Virtual Service

 > New Virtual Service

 > Enter IP Address

 > Port = 389

 > Name = LDAP TCP

 > Protocol = TCP

LDAP_TCP.png

3.1    Standard Options   

      >  Persistence = None

      > Scheduling Method = Round Robin

     

LDAP_TCP_settings.png

 

 

4.0  DNS UDP Virtual Service

 > New Virtual Service

 > Enter IP Address

 > Port = 53

 > Name = DNS UDP

 > Protocol =  UDP

DNS_UDP.png

4.1   Standard Options   

      > Force Layer 4 = Enabled

      >  Persistence = None

      > Scheduling Method = Round Robin

DNS_UDP_settings.png

 

 

5.0  DNS TCP Virtual Service

 > New Virtual Service

 > Enter IP Address

 > Port = 53

 > Name = DNS TCP

 > Protocol = TCP

DNS_TCP.png

5.1   Standard Options   

      >  Persistence = None

      > Scheduling Method = Round Robin

 

DNS_TCP_Settings.png

 

 you have successfully Load Balanced your AD Servers by implementing this specific configuration, please give a thumbs up or please leave a comment on a possible alteration that was required to make it function. Thank you

 

0 comments