How to connect Service Manager to multiples LDAP Servers
In some scenarios, it is required to configure service manager to connect to multiple LDAP servers to allow users from different domains to connect to service manager. As per design as single SM server instance can be connected to only one LDAP server at a time.
Service Manager and LDAP server connection is a one to one relationship. One SM server to one LDAP server.
Two LDAP servers with IP: xx.xx.xx.xx and yy.yy.yy.yy
- Setup Service Manager in horizontal scaling mode (with minimum 2 servers) following the steps from the help server.
- Connect to Service Manager, go to the scldapconfig file, retain the default LDAP Mapping page and only map the “Name” field of “operator” file to “sAMAccountName” (for Active Directory server).
- In the sm.ini configuration file of the first Service Manager server, add a parameter: “ldapserver1:IPc6%DN Search Base”, where IP is the IP address of the LDAP server. Example: ldapserver1:xx.xx.xx.xx,389,"cn=Users,dc=abc,dc=com"
- In the sm.ini configuration file of the second Service Manager server, add a parameter: “ldapserver1:IPc6%DN Search Base”, where IP is the IP address of the LDAP server. Example: ldapserver1: yy.yy.yy.yy,389,"cn=Users,dc=abc,dc=com"
- Set “ldapsslallownocert:1” in the sm.ini files on both Service Manager instances
Conclusion: Service Manager Server installed on host 1 will be connecting to LDAP server with IP: xx.xx.xx.xx, while Service Manager installed on host 2 will be connecting to LDAP server with IP: yy.yy.yy.yy. Thus we can configure Service manager to connect to multiple LDAP servers.
- Both Service Manager Servers are still connected to the same Database.
- SM server or servlets used by users from LDAP xx.xx.xx.xx should be different than the servlet used by users from LDAP yy.yy.yy.yy