LDAP Setup and Configuration Guide

Overview

When a Solaris client is made an LDAP client, it operates much like a Solaris client using NIS/NIS+ or NFS. The client does hard lookups, which means the getXXbyYY() calls wait until they get a response. Normally NIS (YP) has its servers on the local subnet, as clients normally bind to them using a broadcast. Since Solaris 2.0 it has been possible (though not often done) to use NIS (YP) servers off the local subnet (see the ypinit(1M) command), and of course NIS+ is routinely set up without local servers. LDAP is more like NIS+ in its tendency to deploy non-local servers.

This means that the routers become essential in making your machine work.

You must make sure your clients can always reach at least one of your LDAP servers, either by making sure your network is properly reliable (most are, unless someone cuts the wire or turns off the power to the router) or by making sure a server is on the local subnet (although even then, with a subnet no longer being a single cable but twisted pairs going to an Ethernet server, cutting the cable or the power has the same effect).

The best method to keep your clients operational is to make sure you have multiple servers, keep those servers up to date (so they have the same data) and make sure your clients can reach all of them. Obviously, if you are using the server preference feature (to force your clients to bind to certain servers), you need to make sure those servers meet the same criteria.
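
One way to check these criteria from a client, as an added example that is not part of the original guide: it reads the server and preferred-server lists from text in the "NAME= value" layout printed by `ldapclient list`, probes each server over TCP, and flags missing failover. The sample addresses, the default port 389 and the function names are assumptions made for this illustration.

```python
import socket
import sys

# Constructed sample in the "NAME= value" layout that `ldapclient list` prints.
SAMPLE_PROFILE = """\
NS_LDAP_SERVERS= 192.0.2.10, 192.0.2.11:636
NS_LDAP_SERVER_PREF= 192.0.2.11:636
"""
SERVER_ATTRS = ("NS_LDAP_SERVERS", "NS_LDAP_SERVER_PREF")

def parse_servers(text, default_port=389):
    """Map each server attribute to (host, port) pairs; assumes names or IPv4."""
    found = {attr: [] for attr in SERVER_ATTRS}
    for line in text.splitlines():
        key, sep, value = (part.strip() for part in line.partition("="))
        if sep and key in found:
            # Entries are separated by commas or spaces, optionally "host:port".
            for entry in value.replace(",", " ").split():
                host, _, port = entry.partition(":")
                found[key].append((host, int(port) if port else default_port))
    return found

def tcp_probe(host, port, timeout=3.0):
    """True if a TCP connection opens in time (port is up, not proof of good data)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def check_profile(text, probe=tcp_probe):
    """Probe every configured server; return (reachable, unreachable, warnings)."""
    found = parse_servers(text)
    targets = list(dict.fromkeys(found["NS_LDAP_SERVERS"] + found["NS_LDAP_SERVER_PREF"]))
    reachable = [t for t in targets if probe(*t)]
    unreachable = [t for t in targets if t not in reachable]
    warnings = []
    if len(targets) < 2:
        warnings.append("fewer than two LDAP servers configured: no failover")
    if not reachable:
        warnings.append("no LDAP server reachable: name lookups will block")
    pref = found["NS_LDAP_SERVER_PREF"]
    if pref and not any(t in reachable for t in pref):
        warnings.append("no preferred server reachable")
    return reachable, unreachable, warnings

if __name__ == "__main__":
    # Pipe `ldapclient list` in on the client; with no pipe the sample is used.
    text = SAMPLE_PROFILE if sys.stdin.isatty() else sys.stdin.read()
    print(*check_profile(text), sep="\n")
```

A successful TCP connection only shows that the port answers; it does not confirm that the servers hold the same data.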