← Back to team overview

mahara-contributors team mailing list archive

  1. mahara-contributors team
  2. Mailing list archive
  3. Message #06299

[Bug 855525] Re: Logon failure - LDAP authentication tied to one server

  Thread PreviousDate PreviousThread Next 
Ah - I now understand what you mean - I've been thinking in terms of an authinstance, as opposed to an authentication method - sorry.  You are quite right that you can add the same authentication method twice (giving two authinstances), and get the effect that you are seeing.  Also, it is not surprising that a user gets associated with the first one that gives a positive authentication result, and then associates them with it going forward.
Mahara is treating them as logically separate authentication sources, even though they are of the same method and you want to treat them as logically the same.
There is no easy solution to this as users require the same authinstance id to share across them - something that is fundamental to Mahara.
If the usernames and passwords are the same in both directories, then you could possibly bulk update users to the faill-over authinstance, or modify the connection parameters to the active authinstance as a DR strategy - but if the outage happens frequently then this is far too cumbersome.
Other than that, the LDAP auth method would have to be redeveloped to allow multiple connections to be configured and tried - which leads back to the discussion on where the appropriate place is to architect fail-over.

Cheers,
Piers Harding.

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/855525

Title:
  Logon failure - LDAP authentication tied to one server

Status in Mahara ePortfolio:
  Won't Fix

Bug description:
  Mahara 1.4.0
  Linux Centos 5.7
  MySQL
  All browsers

  User logons failing when username and password are correct.

  We added two new Microsoft AD servers to our institution. However, all
  accounts in this institution cannot logon using these servers due to
  the users having the auth_instance declared in their usr entry
  (authinstance). If I update the auth_instance with the new server
  details they can logon. This means if that server fails users will not
  be able to logon even though we have other servers listed which can
  authenticate.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/855525/+subscriptions

References

  Thread PreviousDate PreviousThread Next