mahara-contributors team mailing list archive

[John <855525@xxxxxxxxxxxxxxxxxx>]

Hi, we could just use one server (global catalogue) but that still means
if it fails we loose all authentication. We currently have two domains,
each with its own AD server and Mahara works perfectly. The problem is
Mahara is hard wiring the AD server with a users account on first logon,
therefore you cannot have backup servers. I don't see this being a PHP
issue as it should be able to try each server in turn. The accounts
would have to be tied to an institution only and use the authentication
list for that in the order configured in the GUI. I'm sure most users
will think configuring multiple authentication in the GUI and ordering
them will give them failover. What it actually gives you is the first
one in the list to authenticate your logon, you are then tied to it and
even though others could positively authenticate you, it will give an
error saying you haven't entered the correct logon details.

John.

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/855525

Title:
  Logon failure - LDAP authentication tied to one server

Status in Mahara ePortfolio:
  Won't Fix

Bug description:
  Mahara 1.4.0
  Linux Centos 5.7
  MySQL
  All browsers

  User logons failing when username and password are correct.

  We added two new Microsoft AD servers to our institution. However, all
  accounts in this institution cannot logon using these servers due to
  the users having the auth_instance declared in their usr entry
  (authinstance). If I update the auth_instance with the new server
  details they can logon. This means if that server fails users will not
  be able to logon even though we have other servers listed which can
  authenticate.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/855525/+subscriptions