[keycloak-user] User federation from multiple LDAP servers

Thu Dec 22 14:01:33 EST 2016

Hi,

What we do:

Setup HAProxy on the keycloak host, define one front-end server in 
haproxy on localhost:636, then multiple ldap.host:636 servers as 
backend-servers in HAProxy.

And then make keycloak talk to localhost:636.

HAProxy does a very good job at that.

MJ

On 12/22/2016 05:32 PM, Georgijs Radovs wrote:
> Hello everyone!
>
>
> Is it possible to set up User Federation from multiple replicating LDAP
> servers?
>
> For example:
>
> We have 2 FreeIPA servers, which are replicating between each other.
>
> And, we have 2 Keycloak servers in standalone-ha mode, using S3_PING
> session failover.
>
> How to add second FreeIPA server to User Federation?
>
> We've tried to add second LDAP server in User Federation and set lower
> priority for it, but when user account sync happens, Keylcoak server
> shows, that user account from FreeIPA server 2 is already linked to
> FreeIPA server 1.
>
>
>