March 29, 2018 at 5:11 am #21342shiweiParticipant
I have an environment with 3 DS instances. After I entered and saved the 3 ldap servers under REALMS > [realm name] > Data Stores, the ldap server list gets reordered.
For example, I entered in the following order
But after saving the changes, the list gets reordered as follows
The only related document I can find is OPENAM-5867 https://bugster.forgerock.org/jira/browse/OPENAM-5867 but there is no clear resolution for it.
I am using AM 5.5.1 and DS 5.5.1, would appreciate any help.
ShiweiMarch 29, 2018 at 9:44 am #21346handatParticipant
I have not tried it myself, but maybe if you import the config using amster it may retain its order?March 29, 2018 at 9:35 pm #21354Bill NelsonParticipant
I have not observed that behavior myself – at least not on earlier product versions. I will have to test this out.
On a different note, however, ForgeRock supports having multiple datastores, but that is not the best approach. There are a couple of idiosyncrasies that you may or may not be aware of when doing this. First of all, if you have the same user in multiple DBs (or different users that match your search criteria), then you will never get past the first match. Once a user is found in one DB, the processing stops. The second thing to keep in mind is that if you elect to create users via OpenAM (which is also not a good practice), then you will end up creating them in ALL of the DBs configured in your datastore.
Have you considered using an abstraction layer in front of the DBs? Something maybe like Radient Logic? Then you have one endpoint to interface with and you can control the logic via the abstraction layer. Just a thought.March 30, 2018 at 9:50 pm #21363Scott HegerParticipant
Are you setting these up as different Data Stores or is this the list of LDAP servers defined within your Data Store? If the latter then the order doesn’t really matter if you use the proper format to tell OpenAM which LDAP server to use by which OpenAM Server and Site. The format is: LDAP server host name:port | server_ID | site_ID.April 2, 2018 at 3:24 am #21369shiweiParticipant
Is it possible to define just by site ID? For example, ds1.example.com||03October 10, 2018 at 9:10 am #23416ramakrishna.vijjapuParticipant
We have to create user data store with multiple OpenDJ servers in OpenAM 5.5 with the below format.
Format: LDAP server host name:port | server_ID
Can you please explain what is ‘Server_ID’ and from where we can get it.
You must be logged in to reply to this topic.