On Thursday, 15 April 2010 15:02:42 Ian Gillman wrote:
> We have a situation where we have 2 OpenLDAP databases containing usernames, passwords etc... for two distinct entities.

You don't say so explicitly, but it seems you mean you have 2 servers, each with a (different) database.

> We would like to be able to send an authentication request to one of the databases and have it return yes or no based upon the information in both databases.
>
> In other words, database A (DBa) has user A's (Ua) credentials and database B (DBb) has user B's (Ub) credentials. We would like to be able to talk to either DBa or DBb and get back the user credentials and authentication for both Ua and Ub.
>
> Is there some way I can set up OpenLDAP to be able to try and authenticate a user request locally and then, if that fails, to authenticate the request remotely without the requestor having to know about the remote database? We do not want to replicate information between the databases.

Have you looked at the meta backend? Specifically, the SCENARIOS section of slapd-meta(5).
Regards, Buchan
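
A sketch of the kind of setup the meta backend allows, as an added example that is not part of the original message or taken from the poster's systems. The host names, suffixes and the layout of one subtree per entity are assumptions; because a bind through the proxy forwards the user's password to the target server, the targets are addressed over ldaps://.

```conf
# slapd.conf fragment for a proxy instance (constructed example).
# Assumed layout (hypothetical names):
#   entity A: ldap-a.example.com, real naming context dc=a,dc=example,dc=com
#   entity B: ldap-b.example.com, real naming context dc=entityb,dc=org
# Clients see a single tree under dc=example,dc=com.

database        meta
suffix          "dc=example,dc=com"

# Target 1: entity A. The naming context in the URI must fall within
# the database suffix. A bind as uid=ua,ou=people,dc=a,dc=example,dc=com
# is passed to this server only.
uri             "ldaps://ldap-a.example.com/dc=a,dc=example,dc=com"

# Target 2: entity B. Its real suffix lies outside dc=example,dc=com,
# so it is presented as dc=b,dc=example,dc=com and rewritten on the way
# through: suffixmassage <virtual naming context> <real naming context>.
uri             "ldaps://ldap-b.example.com/dc=b,dc=example,dc=com"
suffixmassage   "dc=b,dc=example,dc=com" "dc=entityb,dc=org"

# No entries are stored or replicated by this database; searches and
# binds are answered by whichever target holds the DN.
```

The proxy sees every password it forwards, so it needs the same protection as the directory servers themselves, and clients should reach it over TLS as well.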