
LDAP proxy to dynamically chosen server


I have a scenario where I would like an LDAP proxy which looks at the base DN and generates an LDAP URI to proxy to dynamically.
I have several 100.000 potential URIs and they change constantly, so hardwiring them in slapd.conf is not an option.

A search request arrives for this base "dc=host1,dc=mutex,dc=dk".
The proxy should proxy the request to:

... and so on for host2-<very high number> (no, I don't have 200000 LDAP-servers, but I have 200000 DNS entries to which server I do not control the mapping)

I thought I had to write a back-perl module, but I've been looking at slapd-meta and I see that it can rewrite to URIs:

"In case the rewritten DN is an LDAP URI, the operation is initiated
 towards the host[:port] indicated in the uri, if it does not refer to
 the local server"

But I can't get this to work. slapd-meta insists on having a "uri" directive which doesn't make sense in my scenario and if I add a dummy "uri" it seems to try to connect to that server.
There might of course be some idea in reusing TCP connections and that would be nice, since in reality there are only 3-4 servers answering requests, but they are identified by 3-400.000 DNS entries.

Am I missing something?
Is this possible with slapd-meta?
Or do I have to write a back-perl module?