7.3 LDAP Configuration

The LDAP configuration information for a multi-server cluster setup is as follows:

  • iFolder supports the eDirectory, OpenLDAP, and Active Directory directory servers.

  • While configuring the iFolder server, use the LDAP Search Context option in YaST to ensure that the master LDAP search group you specify is the superset of all the slaves. You can specify all the slave search contexts, separated by commas. For example, o=org is the master LDAP search group, and ou=KAR and ou=DL are the slave LDAP search groups. In this case, the slave LDAP search groups should be the subset of the master LDAP search group. You can either specify o=org as the LDAP search context or specify ou=KAR, ou=DL. In the latter case, slaves have a specific search context or group containing users who can exclusively access the slave server and store the data.

  • Ensure that each iFolder server has its own eDirectory replicas so that the authentication happens locally instead of walking the eDirectory tree.

  • iFolder supports both secure and non-secure communication with the directory server. You can choose any communication channel that you need. Ensure that the directory server is listening on standard LDAP ports for secure and non-secure channels.