And the practical way to have a legacy namespace translation working together with a nice new LDAP server seems to be: ldapmaster.example.com <- This is shiney, new namespace, ppolicy and anything else. It has no legacy crap on it at all. ldaplegacy.example.com <- Translation server on different machine with a config roughly like:
Seems like a good solution. I had to run two environments in parallel once, that was a pain. ;)
--Quanah -- Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration