[Date Prev][Date Next] [Chronological] [Thread] [Top]

Split attributes across servers


We'd like to have two servers, each containing part of the
attributes of a given dn.  For example,
for a given dn: uid=babs,ou=people,dc=example,dc=org

the server: ldap://public_server
would contain the public info for babs, say:  uid, sn, cn, title

and the server: ldap://secure_server
would contain the private info for babs, say: homePhone, jpegPhoto

We want some users only to see the public info,
which is easy with the standard LDAP auth mechanisms.

But we want other users to see ALL the attributes,
public and secure, as a single integrated record.
Is there a way to integrate these two servers so they
could return a single record with ALL the attributes?

The reason is that different institutions will host the
servers, and the secure server folks don't want to manage the
public info, and the public server folks don't want to know
the secure info.

Is there a way to do this?  I read over the the docs on slurpd,
but didn't see one.

Many thanks,



Steve Sullivan    sullivan@mathcom.com