Greetings! We're in the process of implementing SSO using the NtlmHttpFilter. It works very well as long as we know the domain controller address. However, we are concerned that there is no 'fail over' mechanism for domain controller like there is for the WINS server. Why not?