Re: back-meta ignoring binddn ?

[Tom Riddle <ftr@highstreetnetworks.com>]

Pierangelo Masarati wrote:

> As a consequence, if you
> bind to server A as X and X gets resolved to server B,
> your bind is propagated there; other targets get bound
> anonymously.  

So there is no way to bind to serverC as X as well ?

> Note that back-meta does not (yet?)
> support auth proxying.
>  

Not sure what you mean by auth proxying - is that what I'm trying to do ?

> If you need to bind to each remote server as an
> applicative identity, you may exploit the pseudorootdn
> feature.  For all those remote servers that have
> valid pseudorootdn and pseudorootpw config directives,
> when binding as rootdn to the back-meta, the bind gets
> propagated to the remote servers with these administrative
> identities (which should be remote administrative
> identities).
>  

I don't think that will help me, I need to bind as non-rootdn.

> In case, an appropriate setup
> of subordinate back-metas should work for you, 
>
>  

What would that look like ?  One back-meta subordinate of another 
back-meta ?
Should I change back-ldap to back-meta at serverB & serverC ?


Thanks for your reply,
Tom

--
Tom Riddle
HighStreet Networks
www.highstreetnetworks.com