Leonid, By "7 different AD DN", do you mean you have 7 different distinct sets of users/accounts in 7 different ADs?
If so, how is the namespace of users managed across the 7 domains. Are you expecting users to login with a domain qualifier like username@domain? Bill On Thu, Sep 1, 2011 at 12:17 AM, Leonid Batizhevsky <[email protected]> wrote: > I'm going to use the CAS, together with 7 different AD DN, connected with > VPN from different offices. And if one of them will have problems with the > connection I lose the ability to use to services to users in 6 different > LDAP > > My full test config (At now I use in test envelopment) attached. > > > Leonid S. Batizhevsky > > > On Wed, Aug 31, 2011 at 18:08, Marvin Addison <[email protected]> > wrote: >> >> Let's please have a little more discussion about an issue before >> filing improvements in Jira. There is absolutely no need for a >> smarter authentication manager to address the current use case of LDAP >> failover. I recently re-wrote >> https://wiki.jasig.org/display/CASUM/LDAP with further emphasis on >> best practices for LDAP authentication in HA setups, but possibly more >> could be done. Please review the section "Connection Pooling" and >> provide feedback. I'm fully confident this is a documentation issue, >> not a technology one. We use the default authentication manager with >> a well-configured connection pool and have a very sound HA setup for >> LDAP authentication. > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
