  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 411

How possible is it to connect LDAP with two DC

Dear Experts,

We have a library system called KOHA that uses LDAP to connect to AD; only one server can be set in its LDAP configuration to connect to an Active Directory server.
We have two Active Directories for different departments. How can we make it connect to both servers? Is it done through Windows, or does it have to be through LDAP?

thanks
0
uknet80
3 Solutions
 
x-menIT super heroCommented:
If there are 2 distinct ADs, you'll need 2 connections because the root of the LDAP path is different.
0
 
x-menIT super heroCommented:
If there is a trust relation between the domains, connect to the one that is trusted by the other.
0
 
khairilCommented:
Hi,

If the domains are in the same forest, then make them both GC (global catalog).
0
 
uknet80Author Commented:
Although I am not so familiar with Windows trust relations, I would say there is trust between both servers, as from one server I can connect to the other AD.

If there is a trust relation between Active Directory A and B, and I can connect from server A to B, then if I specify only the Server A settings in the LDAP client, I should be able to connect to the Active Directory users on Server B. Is that correct?



0
 
khairilCommented:
It still depends on how the client tries to connect; having trust will make the authentication request sort of "redirect" to the other server.

But changing the AD infra comes with risk, BIG RISK; in some situations it will break other things. It is better for you to change the KOHA checkpw class and extend the KOHA config for a second LDAP (you can also hard-code the checkpw class).

This article is on a KOHA problem with CN; you must repeat lines 21 to 99 for different LDAP servers. This requires you to have some PHP programming skill.

Another way to do it is using an LDAP proxy with multiple sources. Here is something on it: http://www.novell.com/communities/node/8637/ldap-proxy-server-multiple-sources and here is how to do it on KOHA with an LDAP proxy (you still need a lot of modification to do): http://blog.rot13.org/2009/03/virtual_ldap_rewrite_or_augment_data_on_the_fly.html

If you ask me what I will do? I cannot do Perl, and most likely I will choose to modify the class.
0
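The suggestion above (one connection per AD, tried in turn from the password check) sketched in Perl with Net::LDAP, as an added example that is not part of the thread and not Koha's own code. The hostnames, base DNs, service accounts, environment variable names and the function name `check_password_multi` are assumptions.

```perl
#!/usr/bin/perl
# Added example, not Koha code. Hostnames, DNs and service accounts are placeholders.
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

# One entry per Active Directory domain; each has its own base DN (LDAP root).
my @DIRECTORIES = (
    { uri => 'ldaps://dc1.dept-a.example', base => 'DC=dept-a,DC=example',
      bind_dn => 'CN=svc-koha,OU=Service,DC=dept-a,DC=example', bind_pw => $ENV{LDAP_A_PW} },
    { uri => 'ldaps://dc1.dept-b.example', base => 'DC=dept-b,DC=example',
      bind_dn => 'CN=svc-koha,OU=Service,DC=dept-b,DC=example', bind_pw => $ENV{LDAP_B_PW} },
);

# Returns the DN of the authenticated user, or undef if no directory accepts the login.
sub check_password_multi {
    my ($userid, $password) = @_;
    # A simple bind with an empty password is an unauthenticated bind that many
    # servers report as success, so refuse it before any network call.
    return unless defined $userid   && length $userid;
    return unless defined $password && length $password;

    for my $dir (@DIRECTORIES) {
        # ldaps:// with certificate verification; an unreachable server or a
        # TLS failure moves on to the next directory.
        my $ldap = Net::LDAP->new($dir->{uri}, verify => 'require', timeout => 5)
            or next;
        my $dn;
        my $mesg = $ldap->bind($dir->{bind_dn}, password => $dir->{bind_pw});
        if (!$mesg->code) {
            # Escape the login name so it cannot alter the search filter.
            my $filter = '(&(objectClass=user)(sAMAccountName='
                       . escape_filter_value($userid) . '))';
            my $res = $ldap->search(base => $dir->{base}, scope => 'sub',
                                    filter => $filter, attrs => ['1.1']);
            # Accept only a single, unambiguous match.
            $dn = ($res->entries)[0]->dn if !$res->code && $res->count == 1;
        }
        # Re-bind as the user: success proves the password in this directory.
        my $ok = defined $dn && !$ldap->bind($dn, password => $password)->code;
        $ldap->unbind;
        return $dn if $ok;
    }
    return;
}

if (@ARGV == 1) {    # usage: script.pl USERID, password read from standard input
    chomp(my $pw = <STDIN> // '');
    my $dn = check_password_multi($ARGV[0], $pw);
    print defined $dn ? "authenticated as $dn\n" : "login rejected\n";
}
```

The order of `@DIRECTORIES` decides which domain wins when the same login name exists in both, so log the returned DN rather than the bare login name.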
 
uknet80Author Commented:
It looks a bit complicated, but I will go through it,
thanks
0
Question has a verified solution.
