More than one LDAP Server support

[loetmann]

Describe the solution you'd like
I would like to see support for more than one LDAP server. Think for example of a school: We have one domain for the administrativ staff and one for the educational environment (classrooms, teachers, pupils etc.). They are running in two different isolated networks. While the sinpe-it users are located in the administrative domain, the persons behind asset-requests would ble in the edu-net.

Describe alternatives you've considered
AD Federation. But this is a mess having MS AD and Samba 4 AD domains :-(. Regarding the example above there are also heavy security concerns.

Additional context
An alternative would be support for SAML. ;-)

[stale]

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

[stale]

This issue has been automatically closed because it has not had recent activity. If you believe this is still an issue, please confirm that this issue is still happening in the most recent version of Snipe-IT and reply to this thread to re-open it.

[6570]

We have this issue as well; using LDAP to try to sync users but Google Workspace has our users split up by domain name (dc=example,dc=com; dc=example2,dc=com; dc=example3,dc=co) so we need a way to either specify multiple directories or multiple bases in order to move away from managing users manually

[6570]

@snipe Would it be possible to have this issue reopened? #6685 seems to be for more for fallback/load-balancing whilst this would be multiple LDAP sources

[jessenoyes-cire]

I'd like to second having this issue reopened. Having multiple LDAP sources would save us a tonne of manual intervention, as we have 2 domains in our AD forest.

[OMFCP]

Ran into a similar issue trying to get my child domains to sync via ldap. To get the users in my child domains to sync all I had to do was add the port for the ldap global catalog server connection 3268 to the end of my ldap server entry in the settings. I looked like ldap://server.domain:3268 and it immediately pulled in all users from all of my child domains.

[6570]

@OMFCP Is that with Google Workspace?

[OMFCP]

@OMFCP Is that with Google Workspace?

Sadly it is not. What I did find though is that if I set up my different child domains as "Companies" i could define the child domain path (dc=child,dc=parnent,dc=local) as the search OU path to correctly group my users. as far as having what appears to be 3 separate domains in Google Workspace from your earlier post (dc=example,dc=com; dc=example2,dc=com; dc=example3,dc=co), I'm not sure.

[OMFCP]

@OMFCP Is that with Google Workspace?

Not sure if this would help but when adding a directory in your Directory Sync to sync Workspace with your On-Prem LDAP server you could try to point it to a Global Catalog, add the port 3268, and see if it changes how it shows up in your Google Workspace. It might add them as child domains instead of multiple "parent" domains.

[devinbaeten]

In our organization we have two domains, one for students and one for staff. Right now I have to manually sync students and staff separately. It would be much appreciated if we could have multiple LDAP configurations at once.