Is there a way to do this? Just use slapo-pbind. Ah nice, this sounds more like it. However, I have two AD servers that I'm proxying -- is there a concept of using this overlay multiple times?
Doesn't seem like it, but I've never set it up. I suppose if each AD server had a different base for its DIT, it would be possible to add an option to direct auth requests to different AD servers based off of that. But that would be an enhancement to the existing functionality. May be worth filing an ITS to request it.
--Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>