Multiple LDAP Server

[manair]

Hi,

We use WingFTP with AD authentication via LDAP. As we can only add one LDAP server there is an issue when that domain controller is unavailable users cannot connect to FTP.

Could we have a setting to add multiple LDAP servers and where one is unavailable it would use the next one? This would prevent outages we are currently getting when patching domain controllers.

[FTP]

For your requirement, you can:

1. Use "Windows Authentication", and create an additional domain controller.

2. Use "LDAP Authentication", and use the LDAP proxy server.

[manair]

For your requirement, you can:

1. Use "Windows Authentication", and create an additional domain controller.

We use the "map to group" functionality and also restrict who can access using an ldap filter. So this isn't an option.

2. Use "LDAP Authentication", and use the LDAP proxy server.

I've not been able to find one to run on a windows server. We do not use Linux.

[manair]

I have now successfully tested with open ldap for windows. Looking at the LDAP logs I think there is a bug with with WingFTP with the amount of authentications made to the LDAP server. It appears that a multiple request are sent for each session. For example if I login to the FTP that is one authentication request, if I then transfer 100 files, 100 authentication requests are made, if I then delete 50 files another 50 requests are made.

The reason I'm looking at adding resilience to LDAP is as authentication regularly fails on our server (with the correct password scripted). I now think this is due to all this LDAP chatter overloading the DC's. We have two busy WingFTP servers and the DC's are on the other side of a firewall. The way I see it, there should be one LDAP request at logon and no more.

Is this something that can be looked into? Should I raise this in the bug forum?

[FTP]

Got it! We will improve it in the next release.

[FTP]

The new version 4.4.9 is out now, it enhanced the performance of the LDAP Authentication, please upgrade to this version.

[manair]

Thanks.

[axnav]

Hi FTP,

I wanna wake up this thread, because the first post describes our needings perfectly.

We use your WING FTP in our windows domain.

Due to security policies I have to use for authentication AD LDAP instances.

But this limitation creates a single point of failure, if the LDAP goes down no authentication possible.

I can administrate for one domain onle one LDAP source.

I wish I could administrate here two or more LDAP Servers.

Maybe you can realize this in near future?

Kindly regards,

[FTP]

Please check out this Lua script: http://www.wftpserver.com/bbs/viewtopic.php?f=6&t=3264" rel="nofollow