Thanks a lot Ujwol for this thread and the detailed explanation!!
So, creating 2-3 LDAP banks for the same directory server in load balancing mode and making a hostfile entry in the policy server system will help in managing thousands (9 connections for 1 directory with 4096 max-user setting) of active user sessions to the directory?
In our environment, we have 2 user stores (in multi-write replication, DISP recovery) configured in failover mode with the policy servers. In the recent past, we have faced some errors in policy server logs wherein the DSAs were up and running but the policy server was still not able to communicate with them. Also, in this scenario, the failover didn't work either, i.e., the request for user search didn't get transferred to the other LDAP server.
As per CA recommendation, we increased the max-user value at the DSA level and so far have not faced the issue again.
But will having multiple LDAP banks for each of the above servers help in the overall login (authentication by LDAP especially) performance?
Regards,
Aditi