[rabbitmq-discuss] Dual domain ldap configuration
simon at rabbitmq.com
Tue Jun 3 10:00:47 BST 2014
I'm afraid that's not possible; we assume one LDAP configuration.
So you could connect two clusters with shovel / federation. Other things
you could do, of varying degrees of hackishness:
* Use a single cluster, with different nodes of the cluster configured
to talk to different LDAP servers (nothing says all cluster nodes need
to have the same auth setup). Clients would need to know which node to
connect to obviously.
* Create a patched clone of the LDAP plugin called
rabbit_auth_backend_ldap2 or whatever, and configure "both" plugins
* Create an LDAP proxy which talks to both LDAP servers. A quick Google
suggests that OpenLDAP with back-ldap and suffixmassage might be one
route to do this.
On 02/06/2014 21:19, Pieter Erzeel wrote:
> I have a bit of a problem getting the LDAP configuration right for my
> rabbitmq setup.
> The broker should be able to authenticate users that live in different
> LDAP servers for different domains. We have an internal LDAP server and
> an external one for the DMZ.
> Obviously the DN’s aren’t the same, so I would have to configure
> different binding parameters for each server.
> Is this possible? Or can this only be done by basically setting up two
> separate clusters with federation?
> rabbitmq-discuss mailing list
> rabbitmq-discuss at lists.rabbitmq.com
More information about the rabbitmq-discuss