AnsweredAssumed Answered

Two LDAP server setup

Question asked by bensewell on Jul 7, 2011
Latest reply on Jul 21, 2011 by bensewell
Hi I've read through the alfresco wiki and a few related posts but can't seem to nail this one down.

Heres the scenario. 
My Alfresco is working fine through LDAP and local user accounts.  I now want it to chain to LDAP1, LDAP2 and then local.  I copied the content from the subsystems authentication folder from ldap to a new folder called ldap2.

Then changed the settings in the global config to:

### Authentication chain settings###
authentication.chain=ldap1:ldap,ldap2:ldap,alfrescoNtlm1:alfrescoNtlm
ldap.authentication.active=true
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.userNameFormat=%s@domaina.co.uk
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.provider.url=ldap://ad01.domaina.co.uk:389
ldap.authentication.defaultAdministratorUserNames=alfrescosr
ldap.synchronization.active=false

###ad2-settings###  Configured  07/06/11
ldap.authentication.active=true
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.userNameFormat=%s@domainb.co.uk
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.provider.url=ldap://ad01.domainb.co.uk:389
ldap.synchronization.active=false

But unsure if this will work?  I need to offline the server when i do this change so really want to make sure it will work before restarting the alfresco / tomcat services.

Is this the right way to setup 2 LDAP servers for chaining?

Please can anyone point out if this is the right way to do it or have i done a big no no?

Thanks, Ben

Outcomes