[Date Prev][Date Next] [Chronological] [Thread] [Top]

back-ldap: proxying legacy apps to legacy or V3 servers

To: openldap-software@OpenLDAP.org
Subject: back-ldap: proxying legacy apps to legacy or V3 servers
From: "Randall S. Winchester" <rsw@sendmail.com>
Date: Thu, 17 Jan 2002 10:11:54 -0800 (Pacific Standard Time)
In-reply-to: <Pine.WNT.4.40.0201170950180.241-100000@atlantis.sendmail.com>


I would like to use back-ldap as a proxy from an application that is
compiled against openldap-1.x. I would like to support backend LDAP
servers that are either openldap-1.x for newer LDAP-V3. The
authentication may be either simple or one of the various SASL or
other LDAP-V3 methods of authentication.

While I can use "ldapsearch -x -h remotehost" to get legacy behaviour,
I do not see that there is a way to do the same with back-ldap.

i.e. when I try "ldapsearch -x -h 127.0.0.1" I always get failures,
with or without SASL support compiled in.

It looks like it needs some of the same "connection/security" options
as "replica" support in the slapd.conf file.

I want the "localhost LDAP applications" to always talk via simple
auth to the "localhost LDAP proxy". It should then be up to the
slapd.conf file to tell OpenLDAP/back-ldap how to comunicate with the
remote LDAP server. Eventially (next release...) I would like the
"locahost LDAP applications" to use ldapi:// vis simple auth as well,
but still with the OpenLDAP back-ldap proxy as the "mediator" to the
remote LDAP servers.

Am I missing something? I can not find anyway to change what it thinks
it is doing...

The same would apply to back-meta of course, but I can get by with
back-ldap untill back-meta gets released.

Thank you,
Randall

Follow-Ups:
- Re: back-ldap: proxying legacy apps to legacy or V3 servers
  - From: Pierangelo Masarati <masarati@aero.polimi.it>

Prev by Date: Re: Problem with migrate to ldap authentication (Re Hat 7.2)
Next by Date: Re: Problem with migrate to ldap authentication (Re Hat 7.2)
Index(es):
- Chronological
- Thread