[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: proxy authentication

To: LALOT Dominique <dom.lalot@gmail.com>
Subject: Re: proxy authentication
From: Dan White <dwhite@olp.net>
Date: Thu, 10 Nov 2011 11:28:04 -0600
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <CAP5z-VH823ziiT2SJ8w-vXGQL5ig8bvVYX-d1qFEy5MRSfnwrw@mail.gmail.com>
References: <CAP5z-VH823ziiT2SJ8w-vXGQL5ig8bvVYX-d1qFEy5MRSfnwrw@mail.gmail.com>
User-agent: Mutt/1.5.21 (2010-09-15)

On 10/11/11 16:03 +0100, LALOT Dominique wrote:

Hello,

We would like to setup a kind of replica. We don't want to replicate some
attributes like userpassword, lmpassword, ntpassword. How can we configure
the replica to proxy the authentication somewhere else.
Is there a way to do that via an overlay or something else?


back-ldap may be a solution, assuming that you don't have any locally
stored data.

You could utilize pass-through authentication to delegate authentication to
a remote ldap server via saslauthd, Courier authdaemon, or possibly
auxprop/ldapdb. However, pass-through authentication won't give you
lmpassword or ntpassword.

--
Dan White

References:
- proxy authentication
  - From: LALOT Dominique <dom.lalot@gmail.com>

Prev by Date: Re: Accesslog overlay access
Next by Date: Re: Searches causing disk writes
Index(es):
- Chronological
- Thread