[Date Prev][Date Next]
Re: Redirect bind requests to another server
<quote who="Simon Maier">
> I have a question about a special LDAP setup, we want to implement at
> the university computing centre. The story as it's intended to be:
> We're running a groupware application (openxchange), which uses a LDAP
> server (openldap 2.2.23 on Suse 9.3) to authenticate its users (mainly
> members of the computing centre) and to store contacts, group
> memberships of the users and some of the user settings. This server
> runs on the same machine as the groupware itself.
> There is another LDAP server (i don't know the version used there), that
> holds the centralized password and account name of all users at the
> university for various authentication purposes. This server only
> accepts bind requests.
> The goal is to authenticate the users against the central LDAP server
> but to store the settings etc. on the local server. There is one
> additional problem, the naming contexts on the servers do not match
> each other. To give you a basic idea I reproduced this with "generic"
> central: cn=user.account,ou=peopl,o=my organisation,c=acountry
> Is there a way to accomplish this?
slapo-rwm - rewrite/remap overlay
slapd-ldap - LDAP backend to slapd
slapo-rwm can be used to rewrite/map the naming contexts, and slapd-ldap
can be used to authenticate local users to the remote Directory.
> If this is a RTFM question, please excuse me asking, but I'm not very
> familiar with openldap
> By the way, we're planing to upgrade the server to a later version of
> the operating system, so answers for openldap 2.3.27 would be helpful
Best get the latest versions. Grab Buchans RPMs from:
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
Open Source. Open Solutions(tm).