"D'Arcy Smith" ds.bcit@gmail.com writes:
Hi,
I have been looing into LDAP for a few days now (I am fairly new to it) and here is what I am attempting to do (but I haven't figured out if it is possible).
Currently I have access to an LDAP server that I use with apache/subversion to control access. This works but I would like to add some things, such as group information into LDAP to simplify some configuration (I have more applciations other than apache/subversion that need LDAP authendication).
I am not able to get changes made to the server that I have access to so what I figured would make sense is to inplement my own openldap server and add the group info there. I don't want to have the passwords in my own LDAP server, I want to pass password requests onto the upstream server.
So, is it possible for an openldap server to pass some requests onto another server and still provide other information to clients?
Hopefully that is clear :-)
This is feasable, in principle :-). OpenLDAP supports external authentication mechanisms and proxy authentication and authorization. But your task is rather hard to design in a real world. It depends on the abilities of your remote LDAP server and your authentication environment.
-Dieter