On Sat, Sep 20, 2014 at 8:48 AM, Vilius Sumskas/LNK <[email protected]> wrote:
> Hi, > > I'm trying to setup Horde to authenticate against multiple LDAP server > however I cannot find any information how to do this. > > Looking at the code it seems like Ldap.php expects an array of hostnames, > however GUI doesn't allow me to enter PHP arrays and it doesn't save it as > an array if I separate hosts with comma, e.g. "hostname1, hostname2". > > I have specified an array of hostnames directly in conf.php, however as > soon as one of the LDAP hosts goes down I have a >1 minute delay every > time I click Horde GUI in any application. > > Have I did something wrong? Does Horde support multiple LDAP servers for > authentication? > > -- > I have something similar working, but not by horde. I authenticate by IMAP, and on the PAM configuration, there are multiple authentication methods which are accepted. One is LDAP, and other is by AD. LDAP requires /etc/pam_ldap.conf to be configured, and winbind requires Samba configured. In your case you could possibly have two LDAPs set up in /etc/pam_ldap.conf , but I've never done it. To block those who could authenticate by LDAP but have no mailbox on the IMAP server, I use listfile and have a cron to populate the file with every mailbox. /etc/pam.d/imap auth required pam_listfile.so onerr=fail item=user sense=allow file=/cyrus/userlist auth sufficient pam_ldap.so try_first_pass auth sufficient pam_winbind.so try_first_pass auth required pam_deny.so -- imp mailing list Frequently Asked Questions: http://wiki.horde.org/FAQ To unsubscribe, mail: [email protected]
