Big news! The community will be moving to a new platform April 21. Read more.
Big news! The community will be moving to a new platform April 21. Read more.
Lieutenant
Lieutenant
411 views

Multiple Remote Loader in single server

We're using remote loader to connect to different AD domain (under same forest) through a single AD member server.

As there's a need to handle ID creation in different domain per user, hence instead of using one MAD driver, we will need to create the corresponded number of MAD driver to handle different domain ID creation. Is it possible to run multiple remote loader instance in single server, and any limit of the remote loader instance can be run on single server?

0 Likes
9 Replies
Commodore
Commodore

Yes you can have more than one remote loader on a member server. How many more depends on load than on physics of the remote loader. Experiment and measure will show limit

Michiel Los
0 Likes
Lieutenant
Lieutenant

Thank you, Michiel Los.
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

Just keep in mind that publisher password sync does not support multiple AD drivers on a single RL server, IIRC.

______________________________________________
https://www.is4it.de/identity-access-management
Lieutenant
Lieutenant

Thanks for the highlight, yes, taking into consideration on this, not using password sync in this case.
0 Likes
Vice Admiral
Vice Admiral

The solution to this is not running multiple instances of the standard AD driver; you need the MDAD driver (Multi-domain Active Directory driver). It runs on a differently flavored remote loader (the .NET remote loader), and can provision across the whole forest. It's not included in the base IDM package, you need the Enterprise package (I think).




0 Likes
Lieutenant
Lieutenant

Hi rrawson, thanks for the input. Yes, we are planning to use MDAD in this case, however single MDAD can only create an account in either one of the domain under the forest. In our case user require more than one account across different child domains, for example, one account in domain A and another one in domain B, is it possible to achieve that through single MDAD driver?
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

Possible maybe but I would use one driver per domain anyway.
In one driver you get one association per account. If you need several account to be create you will probably need to write quite complex code to keep the diffrent account in the domain synchronized. I think that will be much easier to do with several drivers.
Especially if you dont need the password synchronized.
Vice Admiral
Vice Admiral

I have never tried to use the MDAD driver in that way but have done it with the AD driver. It's really complex and usually solution specific. I have also done a multi-driver solution with the standard AD driver, for a service account in addition to a standard account. That's generally pretty easy. Most often for that use case you don't want the same password for both accounts anyway.


Lieutenant
Lieutenant

Thanks @rrawson and @joakim_ganse.

I will implement the same and shall update here again with my result on the number of RL instances that can run within a single server.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.