Multiple LDAP Directory Support
Many organizations choose to have all users authenticate against a central (meta)directory, such as Microsoft's Active Directory or Novell's eDirectory. Some organizations, however, have various user groups, domains, organizational units, and in the context of global enterprise organizations, regional lines of business grouped separately to help manage access. The separate grouping of user groups, domains, organizational units, and lines of business is sometimes accomplished using multiple LDAP servers and or server sets.
While there are identity management security concerns, along with network and information concerns with any system, a thorough discussion of all relevant issues associated with managing multiple LDAP servers and server sets is beyond the scope of this page (and all RapidIdentity Guides). Consequently, this page and Identity Automation must make the following 2 assumptions:
This page is aimed at administrators whose organization determined that two or more LDAP servers will exist to manage the types of groups mentioned above.
Organization directories, their configuration/setup, and functionality are all perfect.