Re: Can openldap do fan-out authentication?

[Adam Williams <awilliam@whitemice.org>]

> > >> > Is there a way to use openldap to accept authentication queries from
> > >> > this application, and attempt to verify the password against a list of
> > >> > databases?  Some or all of the databases would be other LDAP servers.
> > >> Only against other LDAP servers with back-meta.
> > > That sounds like what I wanted.  How would you set this up with
> > > back-meta?  I couldn't find an example.
> > man slapd-meta(5) 
> > http://www.openldap.org/doc/admin22/proxycache.html
> > http://www.openldap.org/faq/data/cache/532.html
> I don't see any example of authentication to multiple LDAP servers
> in those references.

meta is just that - meta.  It will create a single unified tree from
multiple disparate trees,  thus you can authenticate against the
meta-backend and be verifing against all the trees.  The issue isn't
really authentication but constructing a single point for authentication
information that contains all the disperate systems - which is what meta
does.