Multiple LDAP Server

[mwolfe1]

Would it be possible to add multiple LDAP servers to sync? We manage technology for several school districts and would like to set up each district as a separate company. Each district has their own domain forest that has a trust back to our domain.

[stbc]

+1 multiple servers would be helpful regarding a fallback on a secondary if primary is down

[jelockwood]

I agree this sounds a useful enhancement. An alternative approach would be to have some sort of DNS load balancer so that e.g. ldap.domain.com redirects to a working LDAP server.

However apart from requiring the installation and setup of a DNS load balancer care also needs to be taken over possible issues with and SSL certificates and their subject alternative names so that when redirected from say ldap.domain.com to ldap1.domain.com the certificates still work.

[stbc]

Well, yeah, that setup is common with a lb in front of two (or more) LDAP servers. We are running a setup like that right now and have no issues with that so far. But it still would be a nice feature to add a fallback server for people not having a quite complex load balancing scenario...

[stale[bot]]

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

[stbc]

Yes. Please. See #7087 as well.

[stale[bot]]

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

[stale[bot]]

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

[stbc]

Dear stale bot: Yes!

[stale[bot]]

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

[fryguy503]

This request is still very relevant! This could help with companies that tend to acquire/divest many sub businesses. It makes it easy to bring on a new business, then just export the inventory when the segment is divested.

[stale[bot]]

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

[mwolfe1]

Still relevant 

Michael Wolfe

On Sun, Nov 17, 2019 at 8:01 AM "stale[bot]" < ">"stale[bot]" > wrote:

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub ( https://github.com/snipe/snipe-it/issues/6685?email_source=notifications&email_token=ALJJ4FDIAGSUZ3HHKNSIJV3QUE6CXA5CNFSM4GUNKMO2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEEILL2A#issuecomment-554743272 ) , or unsubscribe ( https://github.com/notifications/unsubscribe-auth/ALJJ4FCFM35FL42ZBDANHALQUE6CXANCNFSM4GUNKMOQ ).

[stale[bot]]

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

[billtzim]

Yes, this feature would be great to be implemented. Very helpful to support multiple ldap servers. Thank you for your great work!

[cliff-LINKS]

+1

[stale[bot]]

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

[stbc]

+1 Would still love to see that

[stale[bot]]

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

[Bakan0]

Still relevant! 😅

[stale[bot]]

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

[mwolfe1]

Still relevant 

Michael Wolfe

On Sat, May 30, 2020 at 2:45 AM "stale[bot]" < ">"stale[bot]" > wrote:

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub ( https://github.com/snipe/snipe-it/issues/6685#issuecomment-636287795 ) , or unsubscribe ( https://github.com/notifications/unsubscribe-auth/ALJJ4FDB3XI2UVKVJU6ZK7TRUCTSJANCNFSM4GUNKMOQ ).

[stale[bot]]

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

[stale[bot]]

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

[mwolfe1]

Still relevant 

Michael Wolfe

On Wed, Jul 29, 2020 at 11:11 AM "stale[bot]" < ">"stale[bot]" > wrote:

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub ( https://github.com/snipe/snipe-it/issues/6685#issuecomment-665723648 ) , or unsubscribe ( https://github.com/notifications/unsubscribe-auth/ALJJ4FD27TQYC7WD6VBTF73R6A32PANCNFSM4GUNKMOQ ).

[stale[bot]]

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

[AisFlo]

We would like this Feature too, as a fallback option. I guess it could be a problem to implement, because with multiple LDAP server, you have to compare them to the existing Users. What if they differ?

[jelockwood]

@AisFlo The use I am anticipating would be to define two (or more) connections to different members of an LDAP cluster. All cluster members should already be synchronising data so should be identical. This benefit is that if the primary defined LDAP server fails it will be able to use a secondary entry and therefore continue to provide service. As such there will be no need to worry about differences between the LDAP servers.

[fryguy503]

I am more interested in multiple separate ldap systems. E.g. I work for a company that has central management and r-wan connection to a number of schools. I would like to have companies setup for each district and users pulled from each of their AD systems for those "companies".

[bcourtade]

+1 fryguy503 We are set up in a similar way. Schools with separate AD Domains connected over shared fiber.

Selecting which LDAP source to use could be as simple as a domain dropdown option on the login screen, or choosing email address as the username for matching.

[stale[bot]]

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

[fryguy503]

Stalebot seems counter-productive, these requests are valid and should be exempted from the constant need to bump these requests.

[stale[bot]]

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

[stale[bot]]

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

[mwolfe1]

Still relevant. 

Michael Wolfe

On Fri, Dec 25, 2020 at 10:23 AM "stale[bot]" < ">"stale[bot]" > wrote:

Is this still relevant? We haven't heard from anyone in a bit. If so, please comment with any updates or additional detail. This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Don't take it personally, we just need to keep a handle on things. Thank you for your contributions!

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub ( https://github.com/snipe/snipe-it/issues/6685#issuecomment-751262700 ) , or unsubscribe ( https://github.com/notifications/unsubscribe-auth/ALJJ4FA5GJ4WVB6UXAHGMK3SWSU7HANCNFSM4GUNKMOQ ).

[stale[bot]]

Okay, it looks like this issue or feature request might still be important. We'll re-open it for now. Thank you for letting us know!

[SpearRIT]

This is definitely still relevant and I believe that both the ability to add multiple ldap servers for the same domain and the ability to add multiple ldap domains are equally useful. So... +1!

[padeli]

I'd love to see this feature rolled out!

[opayemim]

I will love to see this featured rolled out too

[OMFCP]

Ran into a similar issue trying to get my child domains to sync via ldap. To get the users in my child domains to sync all I had to do was add the port for the ldap global catalog server connection 3268 to the end of my ldap server entry in the settings. I looked like ldap://server.domain:3268 and it immediately pulled in all users from all of my child domains.

[derrynj]

+1 it would be very useful to have a fallback server to specify