Multiple LDAP Server

Post here if you have some suggestions or you want to request a new feature.
Post Reply
manair
Posts: 10
Joined: Thu Nov 01, 2012 8:05 pm

Multiple LDAP Server

Post by manair »

Hi,

We use WingFTP with AD authentication via LDAP. As we can only add one LDAP server there is an issue when that domain controller is unavailable users cannot connect to FTP.

Could we have a setting to add multiple LDAP servers and where one is unavailable it would use the next one? This would prevent outages we are currently getting when patching domain controllers.
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: Multiple LDAP Server

Post by FTP »

For your requirement, you can:

1. Use "Windows Authentication", and create an additional domain controller.

2. Use "LDAP Authentication", and use the LDAP proxy server.
manair
Posts: 10
Joined: Thu Nov 01, 2012 8:05 pm

Re: Multiple LDAP Server

Post by manair »

FTP wrote:For your requirement, you can:

1. Use "Windows Authentication", and create an additional domain controller.
We use the "map to group" functionality and also restrict who can access using an ldap filter. So this isn't an option.
FTP wrote: 2. Use "LDAP Authentication", and use the LDAP proxy server.
I've not been able to find one to run on a windows server. We do not use Linux.
manair
Posts: 10
Joined: Thu Nov 01, 2012 8:05 pm

Re: Multiple LDAP Server

Post by manair »

I have now successfully tested with open ldap for windows. Looking at the LDAP logs I think there is a bug with with WingFTP with the amount of authentications made to the LDAP server. It appears that a multiple request are sent for each session. For example if I login to the FTP that is one authentication request, if I then transfer 100 files, 100 authentication requests are made, if I then delete 50 files another 50 requests are made.

The reason I'm looking at adding resilience to LDAP is as authentication regularly fails on our server (with the correct password scripted). I now think this is due to all this LDAP chatter overloading the DC's. We have two busy WingFTP servers and the DC's are on the other side of a firewall. The way I see it, there should be one LDAP request at logon and no more.

Is this something that can be looked into? Should I raise this in the bug forum?
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: Multiple LDAP Server

Post by FTP »

Got it! We will improve it in the next release.
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: Multiple LDAP Server

Post by FTP »

The new version 4.4.9 is out now, it enhanced the performance of the LDAP Authentication, please upgrade to this version.
manair
Posts: 10
Joined: Thu Nov 01, 2012 8:05 pm

Re: Multiple LDAP Server

Post by manair »

Thanks.
axnav
Posts: 10
Joined: Thu May 19, 2016 10:11 am

Re: Multiple LDAP Server

Post by axnav »

Hi FTP,

I wanna wake up this thread, because the first post describes our needings perfectly.

We use your WING FTP in our windows domain.

Due to security policies I have to use for authentication AD LDAP instances.

But this limitation creates a single point of failure, if the LDAP goes down no authentication possible.

I can administrate for one domain onle one LDAP source.

I wish I could administrate here two or more LDAP Servers.

Maybe you can realize this in near future?

Kindly regards,
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: Multiple LDAP Server

Post by FTP »

Please check out this Lua script: http://www.wftpserver.com/bbs/viewtopic.php?f=6&t=3264" rel="nofollow
Post Reply