[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Bind/search more than one tree and server

To: openldap-technical@openldap.org
Subject: Re: Bind/search more than one tree and server
From: "Dieter Kluenter" <dieter@dkluenter.de>
Date: Sun, 31 May 2009 09:26:31 +0200
In-reply-to: <C04AD84E4AC544499CF7AC2E1D2834E203138F03@AZ25EXM01.gddsi.com> (Thomas-P Schneider's message of "Fri, 29 May 2009 10:38:12 -0700")
References: <C04AD84E4AC544499CF7AC2E1D2834E203138F03@AZ25EXM01.gddsi.com>
User-agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.5-b28 (linux)

"Schneider, Thomas-P65851" <Craig.Schneider@gdc4s.com> writes:

> I am seeking a solution to be able to bind to, and search more than one tree
> and server per request using Linux. My goal is to maintain separate groups of
> user accounts on an OpenLDAP server -- e.g. local and network.  The groups of
> users can have overlapping posixAccount uid attributes, but will have unique
> uidNumber attributes. My main use case is authentication, which requires
> checking a remote LDAP server first -- currently AD which requires attribute
> re-mapping), then network tree on the local LDAP (openldap) if not in remote
> server, then the local tree on local server if not in the first tree. I have
> tried referrals and rewrites, but nothing I've tried worked.  It looks like
> the creation of a custom overlay will work, but I'd rather not go down that
> path. I have also tried using PAM, but pam_ldap is limited to one
> configuration per service (modifying pam_ldap is an option at this point).

man slapo-chain(5).

-Dieter


-- 
Dieter Klünter | Systemberatung
http://www.dpunkt.de/buecher/2104.html
sip: +49.180.1555.7770535
GPG Key ID:8EF7B6C6
53°08'09,95"N
10°08'02,42"E

References:
- Bind/search more than one tree and server
  - From: "Schneider, Thomas-P65851" <Craig.Schneider@gdc4s.com>

Prev by Date: Deleting records while iterating through ldap_result
Next by Date: RE: 'unary operator expected' error when TLS turned on - SOLVED
Index(es):
- Chronological
- Thread