
Redirect bind requests to another server



Hi,

I have a question about a special LDAP setup we want to implement at
the university computing centre. The story as it's intended to be:

We're running a groupware application (openxchange), which uses an LDAP
server (openldap 2.2.23 on Suse 9.3) to authenticate its users (mainly
members of the computing centre) and to store contacts, group
memberships of the users and some of the user settings. This server
runs on the same machine as the groupware itself.

There is another LDAP server (I don't know the version used there) that
holds the centralized password and account name of all users at the
university for various authentication purposes. This server only
accepts bind requests.

The goal is to authenticate the users against the central LDAP server
but to store the settings etc. on the local server. There is one
additional problem, the naming contexts on the servers do not match
each other. To give you a basic idea I reproduced this with "generic"
names:

central: cn=user.account,ou=peopl,o=my organisation,c=acountry
local: uid=user.account,ou=Users,ou=OxObjects,dc=my,dc=groupware,dc=server,dc=acountry

Is there a way to accomplish this?

If this is an RTFM question, please excuse me asking, but I'm not very
familiar with openldap.

By the way, we're planning to upgrade the server to a later version of
the operating system, so answers for openldap 2.3.27 would be helpful
too.

regards

Simon
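
The naming-context translation described in the post, as an added example that is not part of the original message and is not OpenLDAP configuration. The two base DNs are the "generic" ones quoted above; the function names are hypothetical, and the mapping refuses any bind DN that is not a single-valued `uid` entry directly under the local user base, so that a crafted DN cannot resolve to a different central account.

```python
# Added example: translate a local bind DN into the central server's DN.
# Base DNs are the "generic" ones from the post; function names are hypothetical.
LOCAL_BASE = "ou=Users,ou=OxObjects,dc=my,dc=groupware,dc=server,dc=acountry"
CENTRAL_BASE = "ou=peopl,o=my organisation,c=acountry"


def split_unescaped(text, sep):
    """Split on sep, ignoring separators escaped with a backslash."""
    parts, current, i = [], "", 0
    while i < len(text):
        ch = text[i]
        if ch == "\\" and i + 1 < len(text):
            current += text[i:i + 2]   # keep the escape pair intact
            i += 2
            continue
        if ch == sep:
            parts.append(current)
            current = ""
        else:
            current += ch
        i += 1
    parts.append(current)
    return parts


def normalize(dn):
    """Lower-case a DN and trim spaces around each RDN for comparison."""
    return ",".join(p.strip().lower() for p in split_unescaped(dn, ","))


def local_to_central(bind_dn):
    """Return the central DN for a local user DN, or None if it must be refused."""
    # Only leading spaces are trimmed: a trailing space may be an escaped one.
    rdns = [p.lstrip() for p in split_unescaped(bind_dn, ",")]
    first, rest = rdns[0], ",".join(rdns[1:])
    if normalize(rest) != normalize(LOCAL_BASE):
        return None                      # not directly under the local user base
    if len(split_unescaped(first, "+")) != 1:
        return None                      # multi-valued RDN: refuse rather than guess
    attr, sep, value = first.partition("=")
    if not sep or attr.strip().lower() != "uid" or not value:
        return None                      # only uid=<account> entries are mapped
    return "cn=" + value + "," + CENTRAL_BASE
```
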