Multiple LDAP Server #6685

mwolfe1 · 2019-02-05T14:30:51Z

Would it be possible to add multiple LDAP servers to sync? We manage technology for several school districts and would like to set up each district as a separate company. Each district has their own domain forest that has a trust back to our domain.

stbc · 2019-02-06T10:03:44Z

+1 multiple servers would be helpful regarding a fallback on a secondary if primary is down

jelockwood · 2019-04-04T11:13:36Z

I agree this sounds a useful enhancement. An alternative approach would be to have some sort of DNS load balancer so that e.g. ldap.domain.com redirects to a working LDAP server.

However apart from requiring the installation and setup of a DNS load balancer care also needs to be taken over possible issues with and SSL certificates and their subject alternative names so that when redirected from say ldap.domain.com to ldap1.domain.com the certificates still work.

stbc · 2019-04-04T16:14:30Z

Well, yeah, that setup is common with a lb in front of two (or more) LDAP servers. We are running a setup like that right now and have no issues with that so far. But it still would be a nice feature to add a fallback server for people not having a quite complex load balancing scenario...

stale · 2019-06-03T16:33:07Z

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

stbc · 2019-06-03T16:41:27Z

Yes. Please. See #7087 as well.

stale · 2019-06-03T16:41:29Z

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

stale · 2019-08-02T17:22:06Z

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

stbc · 2019-08-05T08:33:58Z

Dear stale bot: Yes!

stale · 2019-08-05T08:34:00Z

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

fryguy503 · 2019-09-18T12:33:41Z

This request is still very relevant! This could help with companies that tend to acquire/divest many sub businesses. It makes it easy to bring on a new business, then just export the inventory when the segment is divested.

stale · 2019-11-17T13:01:15Z

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

mwolfe1 · 2019-11-17T13:05:01Z

Still relevant Michael Wolfe

…

On Sun, Nov 17, 2019 at 8:01 AM "stale[bot]" < ">"stale[bot]" > wrote: Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions! — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub ( #6685?email_source=notifications&email_token=ALJJ4FDIAGSUZ3HHKNSIJV3QUE6CXA5CNFSM4GUNKMO2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEEILL2A#issuecomment-554743272 ) , or unsubscribe ( https://github.com/notifications/unsubscribe-auth/ALJJ4FCFM35FL42ZBDANHALQUE6CXANCNFSM4GUNKMOQ ).

stale · 2019-11-17T13:05:03Z

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

billtzim · 2019-12-08T18:01:38Z

Yes, this feature would be great to be implemented. Very helpful to support multiple ldap servers. Thank you for your great work!

cliff-LINKS · 2019-12-28T18:26:44Z

+1

stale · 2020-02-27T05:20:43Z

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

stbc · 2020-02-27T08:09:27Z

+1 Would still love to see that

stale · 2020-02-27T08:09:30Z

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

Bakan0 · 2020-03-29T15:24:49Z

Still relevant! 😅

stale · 2020-05-30T06:45:45Z

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

mwolfe1 · 2020-05-30T12:32:02Z

Still relevant Michael Wolfe

…

On Sat, May 30, 2020 at 2:45 AM "stale[bot]" < ">"stale[bot]" > wrote: Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions! — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub ( #6685 (comment) ) , or unsubscribe ( https://github.com/notifications/unsubscribe-auth/ALJJ4FDB3XI2UVKVJU6ZK7TRUCTSJANCNFSM4GUNKMOQ ).

stale · 2020-05-30T12:32:05Z

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

stale · 2020-07-29T15:11:18Z

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

mwolfe1 · 2020-07-29T15:12:41Z

Still relevant Michael Wolfe

…

On Wed, Jul 29, 2020 at 11:11 AM "stale[bot]" < ">"stale[bot]" > wrote: Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions! — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub ( #6685 (comment) ) , or unsubscribe ( https://github.com/notifications/unsubscribe-auth/ALJJ4FD27TQYC7WD6VBTF73R6A32PANCNFSM4GUNKMOQ ).

stale · 2020-07-29T15:12:44Z

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

AisFlo · 2020-07-29T16:07:58Z

We would like this Feature too, as a fallback option.
I guess it could be a problem to implement, because with multiple LDAP server, you have to compare them to the existing Users.
What if they differ?

jelockwood · 2020-07-29T16:17:16Z

@AisFlo
The use I am anticipating would be to define two (or more) connections to different members of an LDAP cluster. All cluster members should already be synchronising data so should be identical. This benefit is that if the primary defined LDAP server fails it will be able to use a secondary entry and therefore continue to provide service. As such there will be no need to worry about differences between the LDAP servers.

fryguy503 · 2020-07-29T16:26:21Z

I am more interested in multiple separate ldap systems. E.g. I work for a company that has central management and r-wan connection to a number of schools. I would like to have companies setup for each district and users pulled from each of their AD systems for those "companies".

bcourtade · 2020-07-30T18:16:05Z

+1 fryguy503
We are set up in a similar way. Schools with separate AD Domains connected over shared fiber.

Selecting which LDAP source to use could be as simple as a domain dropdown option on the login screen, or choosing email address as the username for matching.

stale · 2020-10-04T04:21:14Z

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

fryguy503 · 2020-10-04T06:45:00Z

Stalebot seems counter-productive, these requests are valid and should be exempted from the constant need to bump these requests.

stale · 2020-10-04T06:45:03Z

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

stale · 2020-12-25T15:23:20Z

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

mwolfe1 · 2020-12-25T15:41:22Z

Still relevant. Michael Wolfe

…

On Fri, Dec 25, 2020 at 10:23 AM "stale[bot]" < ">"stale[bot]" > wrote: Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions! — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub ( #6685 (comment) ) , or unsubscribe ( https://github.com/notifications/unsubscribe-auth/ALJJ4FA5GJ4WVB6UXAHGMK3SWSU7HANCNFSM4GUNKMOQ ).

stale · 2020-12-25T15:41:25Z

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

SpearRIT · 2021-02-01T20:55:40Z

This is definitely still relevant and I believe that both the ability to add multiple ldap servers for the same domain and the ability to add multiple ldap domains are equally useful.
So... +1!

padeli · 2021-07-08T20:59:04Z

I'd love to see this feature rolled out!

opayemim · 2021-08-16T13:14:51Z

I will love to see this featured rolled out too

OMFCP · 2023-05-16T19:40:35Z

Ran into a similar issue trying to get my child domains to sync via ldap. To get the users in my child domains to sync all I had to do was add the port for the ldap global catalog server connection 3268 to the end of my ldap server entry in the settings. I looked like ldap://server.domain:3268 and it immediately pulled in all users from all of my child domains.

snipe added the ldap label Mar 6, 2019

stale bot added the stale label Jun 3, 2019

stale bot removed the stale label Jun 3, 2019

stale bot added the stale label Aug 2, 2019

stale bot removed the stale label Aug 5, 2019

stale bot added the stale label Nov 17, 2019

stale bot removed the stale label Nov 17, 2019

stale bot added the stale label Feb 27, 2020

stale bot removed the stale label Feb 27, 2020

stale bot added the stale label May 30, 2020

stale bot removed the stale label May 30, 2020

stale bot added the stale label Jul 29, 2020

stale bot removed the stale label Jul 29, 2020

stale bot added the stale label Oct 4, 2020

stale bot removed the stale label Oct 4, 2020

stale bot added the stale label Dec 25, 2020

stale bot removed the stale label Dec 25, 2020

6570 mentioned this issue Sep 14, 2022

More than one LDAP Server support #7087

Closed

Multiple LDAP Server #6685

Multiple LDAP Server #6685

Comments

mwolfe1 commented Feb 5, 2019

stbc commented Feb 6, 2019

jelockwood commented Apr 4, 2019

stbc commented Apr 4, 2019

stale bot commented Jun 3, 2019

stbc commented Jun 3, 2019

stale bot commented Jun 3, 2019

stale bot commented Aug 2, 2019

stbc commented Aug 5, 2019

stale bot commented Aug 5, 2019

fryguy503 commented Sep 18, 2019

stale bot commented Nov 17, 2019

mwolfe1 commented Nov 17, 2019 via email

stale bot commented Nov 17, 2019

billtzim commented Dec 8, 2019

cliff-LINKS commented Dec 28, 2019

stale bot commented Feb 27, 2020

stbc commented Feb 27, 2020

stale bot commented Feb 27, 2020

Bakan0 commented Mar 29, 2020

stale bot commented May 30, 2020

mwolfe1 commented May 30, 2020 via email

stale bot commented May 30, 2020

stale bot commented Jul 29, 2020

mwolfe1 commented Jul 29, 2020 via email

stale bot commented Jul 29, 2020

AisFlo commented Jul 29, 2020

jelockwood commented Jul 29, 2020

fryguy503 commented Jul 29, 2020

bcourtade commented Jul 30, 2020

stale bot commented Oct 4, 2020

fryguy503 commented Oct 4, 2020

stale bot commented Oct 4, 2020

stale bot commented Dec 25, 2020

mwolfe1 commented Dec 25, 2020 via email

stale bot commented Dec 25, 2020

SpearRIT commented Feb 1, 2021

padeli commented Jul 8, 2021

opayemim commented Aug 16, 2021

OMFCP commented May 16, 2023