More than one LDAP server? (LDAP Authenticator Extension)

Hi all

Is it possible to add a fallback LDAP server to the config? As of now, the documentation only talks about one server to be configured in xwiki.authentication.ldap.server. A short look at the source code didn’t reveal anything like this.

We’re running the LDAP Authenticator Extension V9.4.5 here.

Thanks in advance

André

Actually the documentation does talk a bit about multi-server support in https://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/UseCases/#HApproach1:Lettheuserindicatethedomain. But it’s not based on a fallback system: the value used in the login form needs to contain a “clue” regarding the LDAP server which should be used (for example “myuser@domain.com”) and then you can customize the configuration based on this criterion.

You can find a detailed example in the general configuration example in https://extensions.xwiki.org/xwiki/bin/view/Extension/LDAP/Authenticator/#HGenericLDAPconfiguration (the xwiki.authentication.ldap.remoteUser* properties).

You would like to specify more than one LDAP server to mitigate an outage, right? Not sure if you could specify more than one IP/server for the ldap_server property, probably not. @tmortagne is the expert and can answer this in case this was your question.

There are many LDAP implementations that do not allow multiple LDAP servers to be specified (or only statically). It is only a question of time until this will no longer work :wink:

ActiveDirectory implementations that use SRV records are an exception here. But again, most implementations do not work this way.
Your options in this case:

  • use a dedicated DNS name like “ldap.myorganisation.com” that has a very short TTL that points to a working LDAP server and manually/automatically update DNS
  • use a load balancer (Layer 4 or protocol specific) that will round robin/fail over to a working LDAP server

HTH
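Added example, not part of this thread and not XWiki’s or the LDAP Authenticator’s own code: a small Python model of the two ideas discussed above. It parses the login for the domain “clue” the way the remoteUser* approach does, uses that domain only as a key into an allow-list (so the user can never point the bind at an arbitrary host), and then tries an ordered server list to get the fallback behaviour the original question asked for, which in XWiki you would instead obtain via DNS or a load balancer. The regex, the domain table, the hostnames and the `connect` stand-in are all constructed assumptions for illustration.

```python
import re
from typing import Callable, Dict, List, Tuple

# Constructed allow-list (assumption, not a real xwiki.cfg format). The domain
# part of the login is only a lookup KEY here; it is never concatenated into a
# server address, so a crafted login cannot steer the bind elsewhere.
LDAP_ROUTES: Dict[str, dict] = {
    "domain.com": {
        # ordered: primary first, fallback second (placeholder hostnames)
        "servers": ["ldap1.domain.com", "ldap2.domain.com"],
        "port": 636,
        "base_dn": "dc=domain,dc=com",
    },
    "example.org": {
        "servers": ["ldap.example.org"],
        "port": 636,
        "base_dn": "dc=example,dc=org",
    },
}

# Same spirit as a "(.+)@(.+)" remote-user parser, but stricter: exactly one
# "@", no whitespace, so "a@b@c" and padded input are rejected (assumption).
REMOTE_USER_PARSER = re.compile(r"^([^@\s]+)@([^@\s]+)$")


def resolve_route(remote_user: str) -> Tuple[str, dict]:
    """Split 'login@domain' and look the domain up in the allow-list.

    Raises ValueError for a malformed login or an unknown domain.
    """
    m = REMOTE_USER_PARSER.match(remote_user)
    if not m:
        raise ValueError("login must look like user@domain")
    login, domain = m.group(1), m.group(2).lower()
    route = LDAP_ROUTES.get(domain)
    if route is None:
        raise ValueError(f"unknown LDAP domain: {domain}")
    return login, route


# Signature of the connect function: (host, port) -> connection object
ConnectFn = Callable[[str, int], object]


def bind_with_fallback(route: dict, connect: ConnectFn) -> Tuple[str, object]:
    """Try each server of the route in order; return (host, connection).

    Only network-level failures (OSError) trigger a fallback; everything is
    collected so the final error says which hosts were tried.
    """
    errors: List[str] = []
    for host in route["servers"]:
        try:
            return host, connect(host, route["port"])
        except OSError as exc:
            errors.append(f"{host}: {exc}")
    raise ConnectionError("all LDAP servers failed: " + "; ".join(errors))


def make_fake_connect(down: List[str]) -> ConnectFn:
    """Constructed stand-in for a real LDAP connect: hosts in `down` refuse."""
    def connect(host: str, port: int) -> object:
        if host in down:
            raise OSError("connection refused")
        return {"host": host, "port": port}
    return connect


def authenticate(remote_user: str, connect: ConnectFn) -> dict:
    """Resolve the route from the login, then bind with fallback."""
    login, route = resolve_route(remote_user)
    host, conn = bind_with_fallback(route, connect)
    return {"login": login, "server": host, "base_dn": route["base_dn"], "conn": conn}


if __name__ == "__main__":
    # Primary down, secondary up: the bind lands on ldap2.domain.com
    connect = make_fake_connect(down=["ldap1.domain.com"])
    print(authenticate("myuser@domain.com", connect))
```

The point to keep when adapting this to a real deployment: the fallback list, the short-TTL DNS name and the load balancer all sit on the server side and are fixed by the administrator; the only thing the user influences is which pre-configured route is selected, and an unknown domain is rejected rather than guessed.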