Data Store LDAP server list is reordered by OpenAM

This topic has 5 replies, 5 voices, and was last updated 3 years, 11 months ago by ramakrishna.vijjapu.



    I have an environment with 3 DS instances. After I entered and saved the 3 LDAP servers under REALMS > [realm name] > Data Stores, the LDAP server list gets reordered.

    For example, I entered in the following order

    But after saving the changes, the list gets reordered as follows

    The only related document I can find is OPENAM-5867 but there is no clear resolution for it.

    I am using AM 5.5.1 and DS 5.5.1, would appreciate any help.



    I have not tried it myself, but maybe if you import the config using amster it may retain its order?

     Bill Nelson

    I have not observed that behavior myself – at least not on earlier product versions. I will have to test this out.

    On a different note, however, ForgeRock supports having multiple datastores, but that is not the best approach. There are a couple of idiosyncrasies that you may or may not be aware of when doing this. First of all, if you have the same user in multiple DBs (or different users that match your search criteria), then you will never get past the first match. Once a user is found in one DB, the processing stops. The second thing to keep in mind is that if you elect to create users via OpenAM (which is also not a good practice), then you will end up creating them in ALL of the DBs configured in your datastore.

    Have you considered using an abstraction layer in front of the DBs? Something maybe like Radiant Logic? Then you have one endpoint to interface with and you can control the logic via the abstraction layer. Just a thought.

     Scott Heger

    Are you setting these up as different Data Stores or is this the list of LDAP servers defined within your Data Store? If the latter then the order doesn’t really matter if you use the proper format to tell OpenAM which LDAP server to use by which OpenAM Server and Site. The format is: LDAP server host name:port | server_ID | site_ID.
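
Added example (not part of the original posts and not ForgeRock code): a Python sketch that parses entries in the `host:port | server_ID | site_ID` format described above and orders them for one AM server, showing that the first choice does not depend on the order in which the list is saved. The preference order used here (server ID match, then site ID match, then the remaining entries in list order) and all host names and IDs are assumptions made for the illustration.

```python
from typing import List, NamedTuple, Optional


class LdapEntry(NamedTuple):
    host: str
    port: int
    server_id: Optional[str]
    site_id: Optional[str]


def parse_entry(raw: str) -> LdapEntry:
    """Parse 'host:port | server_ID | site_ID'; both IDs are optional."""
    fields = [f.strip() for f in raw.split("|")]
    if len(fields) > 3:
        raise ValueError(f"too many '|' fields: {raw!r}")
    fields += [""] * (3 - len(fields))          # pad missing optional fields
    hostport, server_id, site_id = fields
    host, sep, port = hostport.rpartition(":")  # rpartition keeps '[::1]:389' intact
    if not sep or not host or not port.isdigit():
        raise ValueError(f"expected host:port, got {hostport!r}")
    # An empty ID field is treated as "not set" here; that is this example's
    # choice, the thread does not establish how OpenAM handles it.
    return LdapEntry(host, int(port), server_id or None, site_id or None)


def connection_order(raw_entries: List[str], server_id: str, site_id: str) -> List[LdapEntry]:
    """Order entries for the AM server identified by server_id / site_id.

    Assumed preference: 0 = server ID match, 1 = site ID match, 2 = the rest.
    sorted() is stable, so list order only breaks ties inside one rank.
    """
    def rank(entry: LdapEntry) -> int:
        if entry.server_id is not None and entry.server_id == server_id:
            return 0
        if entry.site_id is not None and entry.site_id == site_id:
            return 1
        return 2

    return sorted((parse_entry(r) for r in raw_entries), key=rank)


# Constructed sample list: three DS instances, each pinned to one AM server and site.
SAMPLE = [
    "ds1.example.com:1636|01|10",
    "ds2.example.com:1636|02|10",
    "ds3.example.com:1636|03|20",
]

if __name__ == "__main__":
    for label, entries in (("as entered", SAMPLE), ("reordered", SAMPLE[::-1])):
        first = connection_order(entries, server_id="02", site_id="10")[0]
        print(f"{label}: AM server 02 tries {first.host}:{first.port} first")
```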



    Is it possible to define just by site ID? For example, ||03



    We have to create a user data store with multiple OpenDJ servers in OpenAM 5.5 with the below format.

    Format: LDAP server host name:port | server_ID

    Can you please explain what ‘Server_ID’ is and where we can get it from?
