LDAP Authentication

We have the website for Instructional Communication set up with LDAP authentication so that our faculty can participate in a forum that is not available to the public. I recently discovered that faculty on the mc server (we have a couple that have joint appointments in nursing) can't log in. Do I need to add a second server to our LDAP settings and if so, how can I find out the correct settings? Does anybody know?

jrjenk5's picture

If you are hosted on the UKIT Hosted Drupal this should already be configured, if you can provide me with your Drupal Site name I will have the administrator take a look.

If you are running your own Drupal environment you would want to make sure that you have specified the Global Catalog Server, and not one of the Domain Controllers, as your LDAP server. Connecting to the Global Catalog will allow you to authenticate for both domains, whereas connecting directly to a domain controller will only work for the domain that controller belongs to.

Additionally the Global Catalog Server has an uptime commitment on it so that it should always be accessible, while domain controllers can be taken offline with little to no notice.

While I don't believe the server information is confidential I don't want to post it to a publicly available website without double checking, if you do not already have the server information please let me know and I will send it to you via email.

I believe you could also specify secondary Domain Controllers and Drupal will try them consecutively until either a match is found or the list is exhausted, but that would introduce additional checks when users are trying to login.

--
J.R. Jenkins