We are currently using another LDAP solution besides AD for various reasons. I want to move that LDAP solution to AD LDS. We currently front our LDAP servers with F-5’s for load balancing and GTM for failover. I also would not want to use a proxy for AD LDS for AD authentication because this LDAP would be a “For-life” instance and I would not want to have accounts in our prod forest that are only partially affiliated with the institution.
For those that are using AD LDS, what are you using for load balancing and HA? I know that AD LDS has the concept of Sites and SRV records, but in most cases, clients that use our LDAP solution have no understanding of the concept of SRV and sites and would just need to point to an LDAP server/VIP. Is there anything that could break if we decided to use F-5 VIP to front our AD LDS? Are you using a different solution for LB and HA? Thank you, Brian Britt