There are different ways to obtain high availability for a Directory Service. One is to deploy Directory Server in a Cluster. Another one is to deploy 2 instances of the Directory Server and have them replicate to each other in a multi-master replication topology.
But even when using a hardware load balancer, you may want to front your Directory Server instances with a pair of load-balanced Directory Proxy Servers.
This way, you have physical redundancy at the load balancer level, and intelligent LDAP-aware load balancing at the proxy server level.
Directory Proxy Server 6 is very nice in that you can split binds, searches, and updates amongst several DS instances, and the connection state is maintained by the proxy, not the DS instance. So if a DS instance fails or is stopped for maintenance, the application isn’t forced to rebind, the proxy fails-over to another DS for writing or reading (*).
With Solaris 10 and Solaris Containers, you can do this on a pair of systems, each with a zone for a replicated Master DS, and another zone each for a DPS instance. The DPS instances are configured to load balance the authentication,read, write operation among the DS master zones.
This works out very well for some of our customers.
* – The failover does not work for searches that are already in progress and for which entries have been returned already. And it does not work either with Persistent searches.
Ludo Sketches 