locked
Authenticate with multiple LDAP providers RRS feed

  • Question

  • Hello,

    Is it possible to authenticate users from multiple LDAP enviroments?

    I need an enviroment where some of my users are in AD and other users can be in one of two additional LDAP enviroments.

    Any guidance would be appreciated.

    Thank you


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Monday, April 8, 2013 3:02 PM

Answers

  • It shouldn't have any effect on MySites at all.  If you put the MySites host in the main Web App it would be completely transparent.  If you put it in its own Web App you would want to extend that to two additional zones also and setup the LDAP membership providers.  Either way, no matter which way you authenticate all the content goes in the same content databases, so it would by default be viewable by all users.

    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

    Monday, April 8, 2013 4:52 PM

All replies

  • You can do this by extending the web application to two additional zones and setting each of the zones to use an LDAP membership provider configured to point at each of the LDAP environments.  Each type of user would use a different URL to login, but all would see the same content.

    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

    • Proposed as answer by satishjjadhav Monday, April 8, 2013 3:08 PM
    Monday, April 8, 2013 3:06 PM
  • Thank you Paul for your reply.

    Do you maybe know how this would reflect to MySites? It is very important for me that each and every user has the ability to create his personal site and share his site with all of the other users.

    Also all of this users should be able to work as a group on variuos team sites. Will this also be possible?

    I hope I was clear.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Monday, April 8, 2013 3:15 PM
  • Given you also extended your MySite Web Application, yes.  And extending a Web Application provides the users with the same content.

    Alternatively, you could leverage ADFS as the endpoint for authentication (you'll have to develop your own auth providers, though) and use the ADFS Trusted Identity Provider in SharePoint.  This would keep you from having to extend the Web Application.


    SharePoint - Nauplius Applications
    Microsoft SharePoint Server MVP
    MCITP: SharePoint Administrator 2010

    -----------------------
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

    Monday, April 8, 2013 3:30 PM
  • It shouldn't have any effect on MySites at all.  If you put the MySites host in the main Web App it would be completely transparent.  If you put it in its own Web App you would want to extend that to two additional zones also and setup the LDAP membership providers.  Either way, no matter which way you authenticate all the content goes in the same content databases, so it would by default be viewable by all users.

    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

    Monday, April 8, 2013 4:52 PM
  • Thank you very much for your replies.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Tuesday, April 9, 2013 9:08 AM