> Am 20.03.2018 um 16:44 schrieb lists (li...@merit.unu.edu) <users@sogo.nu>: > > Hi, > > We have been doing that for years. Config like this: > >> SOGoUserSources = ( >> { >> type = ldap; >> CNFieldName = displayName; >> IDFieldName = cn; >> UIDFieldName = uid; >> bindFields = (sAMAccountName, cn); >> baseDN = "CN=Users,DC=samba,DC=company,DC=com"; >> canAuthenticate = YES; >> listRequiresDot = NO; >> bindDN = "cn=sogo_search,cn=users,dc=samba,dc=company,dc=com"; >> bindPassword = very_secret; >> displayName = "AD Internal Users"; >> MailFieldNames =(mail, otherMailbox, proxyAddresses); >> hostname = "ldap://127.0.0.1:389"; >> id = ad-users; >> isAddressBook = YES; >> port = 389; >> scope = "SUB"; >> filter = "((samAccountType=805306368) AND (mail='*') AND (NOT >> userAccountControl:1.2.840.113556.1.4.803:=2))"; >> } > > As you can see, we have sogo talk ldap to 127.0.0.1:389, which is where > haproxy is listening. HAProxy is configured to talk to our three AD servers, > doing the failover etc. > > Hope this helps?
So haproxy is Talking encrypted to the samba servers? With the option of failover this sounds interesting. How hard is the haproxy configuration? Regards Götz -- users@sogo.nu https://inverse.ca/sogo/lists