Re: OpenLDAP as proxy for another LDAP-Server

[Andrew Findlay <andrew.findlay@skills-1st.co.uk>]

On Wed, May 14, 2008 at 10:49:02AM +0200, Dieter Kluenter wrote:

> Just to make sure, there are two directories, one that provides
> information on authentication and authorization, the second directory
> provides some additional iformation. If that is your request, than you
> may have a look at the translucent overlay.

That would depend on whether the two servers had identical namespaces
(tree layout, choice of RDN etc).

I have a similar requirement at the moment except that I only want to
use the second LDAP server to authenticate for a small proportion of the
entries in the first one. The namespaces are very different. I think
it can be done with a combination of rwm, back-ldap/back-meta and
slapd-relay, but this seems rather complex when all I really need is
'pass-through authentication'.

I will report back to the list if I come up with a workable solution,
but in the mean time does anyone have any pointers to a neat way of
doing this?

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |
-----------------------------------------------------------------------