Re: Distributed LDAP

["Jonathan Higgins" <jhiggins@kennesaw.edu>]

Although I have never used it myself in my implementation, there is an overlay called glue .. you can find it at http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/overlays/?hideattic=1&sortbydate=0

it should do what your talking about... i think.


Jonathan Higgins
IT R&D Project Manager
Kennesaw State University
jhiggins@kennesaw.edu

>>> Imobach =?iso-8859-15?q?Gonz=E1lez_Sosa?= <igonzalez@becarios.ulpgc.es> 03/17/05 4:59 AM >>>
Hi all,

We're trying to set up a distributed LDAP service and I haven't found 
comprehensive documentation on how accomplish that. Any link to such 
documentation?

I've got some questions that were answered in this thread: 
http://www.openldap.org/lists/openldap-software/200001/msg00031.html

However, that thread is 5 years old and maybe things has changed from this 
days. So, I'll repeat some of them. First of all, the scenario: we've got two 
servers (oneserver and otherserver). "oneserver" suffix is 
"dc=my-domain,dc=com" and we wanna delegate "ou=People,dc=my-domain,dc=com" 
to "otherserver".

1) suffix in oneserver is "dc=my-domain,dc=com". Is mandatory suffix in 
"otherserver" to be "ou=People,dc=my-domain,dc=com"?

2) How authentication is accomplished in "otherserver". Suppose that I use a 
"user" "cn=proxyuser,dc=my-domain,dc=com" to bind to "oneserver". If I query 
on "dc=my-domain,dc=com" and the entry I'm looking for is in "otherserver", 
how 'oneserver' knows which binddn must use? Is the client the responsible of 
knowing about it?

Ok, I guess that implementing a distributed ldap services is easier than 
understand my message with my poor english skill ;-) Sorry!

Thank you in advance.

-- 
Imobach González Sosa
Servicio de Informática y Comunicaciones de la ULPGC
e-mail: igonzalez en becarios.ulpgc.es
Teléfono: +34 928 459519