I am trying to setup clustering between 2 site in our business. We are connected through an IPSec/IKEv2 VPN. Both offices are within their own Active Directory Domain. Clients in both locations use Spark to connect to their own Openfire servers using LDAP for authentication.
Here is my question.
I understand that all sites have to use the same database. Both sites are configured for MySQL. I know I will have to point all servers at the same database. But I read that they all have to be in the same domain as well. So my question is, how do I get the people at site 2 to authenticate with the cluster if they don’t have an account on site 1’s AD? Do I have to create accounts for them on site 1? Or will they still authenticate with their local AD and join the server anyways?
We do have active trusts setup between the domains so when a user at site 2 authenticates with their AD, they can access the shared resources at site 1 with no issues.
If I have to create users on site 1 for users at site 2 to login to the chat, I might just as well have them connect to openfire directly instead of clustering both sites together. I was just trying to streamline traffic over the VPN.
Like I said, the trust allows users at site 2 to access everything at site 1, but it does not replicate the users between the 2 domains.
Anyone got this working or should I just abandon the Openfire server at site 2 and have all users there connect directly to the site 1 server and just create users in site 1’s AD?