[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Question about multiple Backends

Simon Maier wrote:
> I have a tricky Question, at least I think it ist. At the computing
> center of our university we use a groupware (openxchange). This
> gropware needs a LDAP server with write access. For this reason it
> can't be integrated into the centralised LDAP of the university. Still
> it's the idea, that the users are authenticated against the central
> password store. The problem is the passwords should not be synchronised
> with the centralised database/LDAP-server for security reasons. For the
> same reasons the use of the ldap backend

How is the naming defined in the directories? If name spaces are
distinct I'd use back-ldap to search user entries during authentication
and use the DNs of the central LDAP directory in the access control of
the Groupware directory (e.g. directly in ACLs or in group entries).

Ciao, Michael.