> Am 20.03.2018 um 16:44 schrieb lists (li...@merit.unu.edu) <users@sogo.nu>:
>
> Hi,
>
> We have been doing that for years. Config like this:
>
>> SOGoUserSources = (
>> {
>> type = ldap;
>> CNFieldName = displayName;
>> IDFieldName = cn;
>> UIDFieldName = uid;
>> bindFields = (sAMAccountName, cn);
>> baseDN = "CN=Users,DC=samba,DC=company,DC=com";
>> canAuthenticate = YES;
>> listRequiresDot = NO;
>> bindDN = "cn=sogo_search,cn=users,dc=samba,dc=company,dc=com";
>> bindPassword = very_secret;
>> displayName = "AD Internal Users";
>> MailFieldNames =(mail, otherMailbox, proxyAddresses);
>> hostname = "ldap://127.0.0.1:389";;
>> id = ad-users;
>> isAddressBook = YES;
>> port = 389;
>> scope = "SUB";
>> filter = "((samAccountType=805306368) AND (mail='*') AND (NOT
>> userAccountControl:1.2.840.113556.1.4.803:=2))";
>> }
>
> As you can see, we have sogo talk ldap to 127.0.0.1:389, which is where
> haproxy is listening. HAProxy is configured to talk to our three AD servers,
> doing the failover etc.
>
> Hope this helps?
So haproxy is Talking encrypted to the samba servers? With the option of
failover this sounds interesting. How hard is the haproxy configuration?
Regards Götz
--
users@sogo.nu
https://inverse.ca/sogo/lists
