[Date Prev][Date Next]
Re: is this possible
"D'Arcy Smith" <firstname.lastname@example.org> writes:
> I have been looing into LDAP for a few days now (I am fairly new to
> it) and here is what I am attempting to do (but I haven't figured out
> if it is possible).
> Currently I have access to an LDAP server that I use with
> apache/subversion to control access. This works but I would like to
> add some things, such as group information into LDAP to simplify some
> configuration (I have more applciations other than apache/subversion
> that need LDAP authendication).
> I am not able to get changes made to the server that I have access to
> so what I figured would make sense is to inplement my own openldap
> server and add the group info there. I don't want to have the
> passwords in my own LDAP server, I want to pass password requests onto
> the upstream server.
> So, is it possible for an openldap server to pass some requests onto
> another server and still provide other information to clients?
> Hopefully that is clear :-)
This is feasable, in principle :-).
OpenLDAP supports external authentication mechanisms and proxy
authentication and authorization. But your task is rather hard to
design in a real world. It depends on the abilities of your remote
LDAP server and your authentication environment.
Dieter Klünter | Systemberatung
GPG Key ID:8EF7B6C6