In order to provide user authentication in our Unix/Linux infrastructure, we have an OpenLDAP installad on the main server having satellite servers/workstations being authenticated over this one via PAM settings.
What is the best way of providing redundancy in such a setup, incase LDAP server is down ? As far as I know, it is impossible to define an alternative LDAP server in PAM configuration, so, what whould be the other alternatives to provide redundancy ?
If there is no solution on the application layer, could there be a solution on network level ? Redirection etc. ? Any software/hardware to perform this ? (I don't have budget for additional equipment but your suggestions would be valuable).