Domain Model for LDAP
Bomgar Verify has the ability to fully support direct integration with the following LDAP servers:
- Microsoft Active Directory
- Microsoft ADAM (Active Directory Application Management)
- Novell eDir
- Sun Directory server
In addition, Bomgar Verify can support a fully heterogeneous environment, allowing various vendor’s LDAP servers to coexist and be managed by a single Bomgar Verify server. This allows companies exceptional scope to manage a truly heterogeneous LDAP environment.
Security Server Scenarios
Bomgar Verify can be deployed many ways into a network environment; these are discussed in the topics below.
There are three deployments to consider:
- Single security server
- Multiple security servers
- Multiple domain model
It should be noted that version 5 onwards of Bomgar Verify can support any multi LDAP server environment within a network and is not limited to all LDAP servers of being the same type.
Single Security Server
A single Bomgar Verify security server instance is installed, although in a very simple deployment there is no redundancy for the authentication, as only one Bomgar Verify security server is installed and configured.
Multiple Security Servers
In a multiple Bomgar Verify security server example, each site’s RADIUS or Web device will be configured to send authentication requests to one of two Bomgar Verify security servers. Each Bomgar Verify security server will share the same config.db key across all installations. Each Bomgar Verify security server will be paired to two LDAP servers. This provides a highly redundant authentication topology. Alternatively one Bomgar Verify server can be located at each site with each VPN using the other sites Bomgar Verify server as its second server
Multiple Domain Model
Each Bomgar Verify security server can be configured with up to two LDAP servers for each domain your company uses, with no limit on the number of domains. Each domain can be configured for any of the supported LDAP server types. The domain component of the UserID is used to dynamically switch the security server to the relevant domain. If no domain component is given in the UserID then a default domain or search for first match can be used.