Mack Jenkins wrote:
> What I am trying to do is this. When my OpenLDAP server is queried for authentication, if the user id and password are not local to my OpenLDAP server, but they do exist on another OpenLDAP server, I want my OpenLDAP server to tell the application that sent the login request to go to that other OpenLDAP server for authentication. I am hoping this can be done automatically without the user having to make another login attempt.
You can't, since out of scope binds do not return referrals (AFAIK). You should rather look at gluing (see the "subordinate" directive in slapd.conf(5)) your local database with a proxy (see slapd-ldap(5)) that points to your other server.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati@sys-net.it
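
The layout suggested in the reply above, sketched as a slapd.conf fragment. This is an added example, not part of the original thread and not configuration published by the OpenLDAP project. The suffixes, rootdn, host name and directory are hypothetical, and it assumes the users held on the other server sit under their own subtree with the same DNs on both servers.

```conf
# Constructed slapd.conf fragment; every name below is hypothetical.
# moduleload back_ldap    # only needed when back-ldap is built as a module

# 1. Proxy database for the subtree whose entries live on the other server.
#    A database whose suffix lies inside another database's suffix must be
#    declared BEFORE that superior database.
database        ldap
suffix          "ou=Remote,dc=example,dc=com"
# Glue this database into the naming context of the superior one.
subordinate
# Glued databases should share the same rootdn (see slapd.conf(5)).
rootdn          "cn=Manager,dc=example,dc=com"
# Simple binds under this suffix are relayed with the user's own password,
# so the hop to the other server should be encrypted.
uri             "ldaps://ldap2.example.com"

# 2. Local database holding the rest of the naming context.
database        mdb
suffix          "dc=example,dc=com"
rootdn          "cn=Manager,dc=example,dc=com"
directory       /var/lib/ldap/example
```

With this layout, a bind whose DN falls under the proxied suffix is selected by suffix and relayed to the other server, so the application talks to one server and never has to follow a referral. Because the password crosses the proxy hop, the proxy's access controls and TLS settings deserve the same review as those of the server that stores the entries.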