[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP as Proxy

To: Christof Grigutsch <cg@msdnet.de>
Subject: Re: OpenLDAP as Proxy
From: Pierangelo Masarati <ando@sys-net.it>
Date: Mon, 18 Apr 2005 17:20:43 +0200
Cc: openldap-software@OpenLDAP.org
In-reply-to: <200504181554.39743.cg@msdnet.de>
References: <200504181554.39743.cg@msdnet.de>
User-agent: Mozilla Thunderbird 1.0 (X11/20041206)

Christof Grigutsch wrote:

Hello, I would like to furnish gladly OpenLDAP as Proxy. The Proxy is to announce itself with user and passport at a Windows-2003 server. Unfortunately I do not find useful documentation in the Doku and otherwise in the Web. Possibly can someone help me here?

The only "stock" way of doing that is to use back-ldap as in OpenLDAP 2.3 (which is currently in beta) and exploit the identity assertion feature described in <http://www.openldap.org/faq/data/cache/532.html>. Among the possible configurations, you can implement a proxy that in reaction to anonymous operations binds to a remote server with an administrative identity and does not perform any proxyAuthz; of course, the administrative identity should be pretty much unprivileged... YMMV

Other solutions may require (extensive) coding.

p.

--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it

   SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

References:
- OpenLDAP as Proxy
  - From: Christof Grigutsch <cg@msdnet.de>

Prev by Date: OpenLDAP as Proxy
Next by Date: Re: test021-certificate fails on hp-ux 11i & openldap 2.2.21
Index(es):
- Chronological
- Thread