Currently have all switches in the network doing management login via Radius Via NAC and then onto LDAP to AD.
The problem has arisen, although two AD (LDAP Connections) have been configured, where Full loss to both the LDAP services has occurred. (appreciate that the resiliency here is broken, but...)
The issue is (I believe) that because Radius is still working between the switch and NAC that the switches still think all is good and doesn't default to use a local account.
Do you know if there is anyway to correct that?
Was wondering if there is a Rule or an AAA configuration that could take precedence in that situation to use local authentication - have played but not got anything to work with that line of thought.
Perhaps there is an EXOS configuration that can for example, test the LDAP servers before doing Radius Management Authentication, or equally something NAC could do similiar?
Anyone had the same problem and found a solution?