Multiple LDAP Server Array #16

Open
benyanke opened this issue Jul 3, 2018 · 4 comments
Labels
enhancement New feature or request good first issue Good for newcomers pinned

Comments

@benyanke
Contributor

benyanke commented Jul 3, 2018

Currently it seems only one LDAP server is allowed.

Would love to see an implementation which would allow multiples, for HA. Perhaps a CSV list would then be tried if one didn't respond.

@madmath03
Member

madmath03 commented Jul 4, 2018

Indeed, the plugin currently allows one LDAP server.

Regarding your use case, I would say having one single address for your LDAP cluster seems better and would solve your issue. Your cluster would replicate operations between a master and slave(s) and use a load balancer.

But, I definitely am no expert in HA configuration, especially when it comes to LDAP clusters. Plus, several other LDAP authentication systems allow this, so I do not see why we should prevent Taiga from having the same feature.

I do not have much free time to work on taiga ldap auth since it already meets our company requirements but we will gladly support and accept any help provided to improve it further 😉

@benyanke
Contributor Author

benyanke commented Jul 5, 2018

In most situations, I see LDAP handled like DNS, where there are typically 2 logical endpoints, those endpoints being serviced by, of course, as many actual servers as the uptime requirements demand. I know in my company, we have two on-prem domain controllers, and most of the ones I've worked with have done the same. I know the other tools I have used all allow multiple LDAP servers, so I agree it's a useful feature.

It's obviously not super high on my list, but I will try and get this implemented in a PR when I'm able!

@madmath03 madmath03 added the enhancement New feature or request label Mar 14, 2019
@stale

stale bot commented Jun 17, 2019

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the wontfix This will not be worked on label Jun 17, 2019
@madmath03 madmath03 added pinned and removed wontfix This will not be worked on labels Jun 17, 2019
@madmath03 madmath03 pinned this issue Jun 17, 2019
@benyanke
Contributor Author

While this isn't a resolution of the issue, and I'd love to see an array of servers supported w/ proper fallback procedure (as most enterprise LDAP apps have), this can be somewhat worked around via DNS, which is what I'm doing for the time being - point the LDAP server at the DNS name which points to both servers.

The downside is that the app doesn't automatically retry if one of the two is down, leading to half the requests failing. However, it's better than hardcoding to a single one.

Just posting this for those who may need the same thing, and want a workaround for now.
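An added sketch of the ordered fallback requested in this thread; it is not part of the discussion and not the plugin's code. It assumes a comma-separated list of `ldap://`/`ldaps://` URIs, uses hypothetical function names and constructed hostnames, and only probes TCP reachability with the standard library before the real bind would happen.

```python
import socket
from urllib.parse import urlsplit

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}


def parse_servers(csv_value):
    """Split a comma-separated list of LDAP URIs into (scheme, host, port) tuples."""
    servers = []
    for item in csv_value.split(","):
        item = item.strip()
        if not item:
            continue
        url = urlsplit(item)
        if url.scheme not in DEFAULT_PORTS or not url.hostname:
            raise ValueError(f"not an ldap:// or ldaps:// URI: {item!r}")
        port = url.port or DEFAULT_PORTS[url.scheme]
        servers.append((url.scheme, url.hostname, port))
    if not servers:
        raise ValueError("no LDAP servers configured")
    # Policy chosen for this example: failover must not become a silent
    # downgrade, so a list that mixes ldaps:// with ldap:// is rejected.
    if len({scheme for scheme, _, _ in servers}) > 1:
        raise ValueError("mixing ldap:// and ldaps:// in one failover list")
    return servers


def first_reachable(servers, timeout=2.0):
    """Return the first server, in list order, that accepts a TCP connection.

    Unlike round-robin DNS, a dead server costs one short timeout and the
    next entry is tried, instead of the login attempt failing outright.
    """
    errors = []
    for scheme, host, port in servers:
        try:
            with socket.create_connection((host, port), timeout=timeout):
                return scheme, host, port
        except OSError as exc:
            errors.append(f"{host}:{port}: {exc}")
    raise ConnectionError("all LDAP servers unreachable: " + "; ".join(errors))


if __name__ == "__main__":
    # Constructed sample value; replace with real directory hosts.
    print(parse_servers("ldaps://dc1.example.com, ldaps://dc2.example.com:3269"))
```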
