st2-auth-backend-ldap
feature request: support multiple servers (list)
E.g. if one server/uri is not available, use the next one.
I guess the simplest way to implement would be a loop in authenticate() that just tries each one in the list until one will bind. Comments/thoughts on this approach?
bump, this would be a great addition.
@jmwaldrip this plugin is community-written & supported. PRs are welcome if you want to add those features.
@LindsayHill Thanks for the information. As I have time, I will look at getting a PR submitted.
ldap.initialize() func. in python-ldap can accept the list of urls as documented in https://www.python-ldap.org/en/python-ldap-3.2.0/reference/ldap.html#ldap.initialize
The uri parameter may be a comma- or whitespace-separated list of URIs containing only the schema, the host, and the port fields. Note that when using multiple URIs you cannot determine to which URI your client gets connected.
Then, we can configure for the multiple servers as
backend_kwargs = { "ldap_uri": "ldap://ldap1.example.com,ldap://ldap2.example.com,ldap://ldap3.example.com" ... }
I confirmed it works well even when some of the listed LDAP servers are down. We can improve the documentation, though.
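A pre-flight check for a multi-server `ldap_uri` value, written as an added example (not code from this thread, the plugin, or python-ldap). It enforces the documented rule that each URI in the list carries only scheme, host and port; the function name `check_ldap_uri_list` and the mixed-scheme warning are assumptions added here.

```python
import re
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"ldap", "ldaps", "ldapi"}


def check_ldap_uri_list(value):
    """Split a comma- or whitespace-separated ldap_uri value.

    Returns (uris, problems): the entries that contain only scheme,
    host and port, plus a list of human-readable problems found.
    """
    uris, problems = [], []
    for item in filter(None, re.split(r"[,\s]+", value.strip())):
        parts = urlsplit(item)
        if parts.scheme.lower() not in ALLOWED_SCHEMES:
            problems.append(f"{item!r}: scheme must be one of {sorted(ALLOWED_SCHEMES)}")
            continue
        if not parts.hostname:
            problems.append(f"{item!r}: missing host")
            continue
        try:
            parts.port  # raises ValueError when the port is not a valid number
        except ValueError:
            problems.append(f"{item!r}: invalid port")
            continue
        # A base DN, filter or credentials in the URI breaks the list form:
        # DNs contain commas, which are also the list separator.
        if parts.path not in ("", "/") or parts.query or parts.fragment or parts.username:
            problems.append(f"{item!r}: only scheme, host and port are allowed")
            continue
        uris.append(item)

    # Added check (assumption, not from the quoted documentation): the client
    # cannot tell which URI it ends up connected to, so a list mixing ldap://
    # and ldaps:// makes transport security depend on which server answers.
    schemes = {urlsplit(u).scheme.lower() for u in uris}
    if "ldap" in schemes and "ldaps" in schemes:
        problems.append("mixed ldap:// and ldaps:// entries in one list")
    return uris, problems


if __name__ == "__main__":
    # Constructed sample values, modelled on the configuration shown above.
    sample = "ldap://ldap1.example.com,ldap://ldap2.example.com,ldap://ldap3.example.com"
    print(check_ldap_uri_list(sample))
    print(check_ldap_uri_list("ldap://ldap1.example.com/dc=example,dc=com"))
```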