Hello:

I'm looking to set up a few OpenLDAP servers as pure query-only proxies (no update at this point) to our "other directory" servers we happen to use in our environment.  We'd like to keep the security settings we currently have on these "other directory" servers that only allows users with valid accounts on the said "other directory" server to query the server.  What would be the simplest, quickest configuration to achieve this?  Should I create a generic 'ldapuser' account on the "other directory" server and use those credentials every time?  Can I "pass" a user's credentials as part of my proxy request?

I've read through the Admin Guide and the sample slapd.conf files, and I'm a little stumped as to how to proceed - I only made it as far as setting up the very basic proxy server.


current slapd.conf
----------------------------
database       ldap
lastmod        off
uri               "ldap://ouradserver.ourdomain.com:389/DC=ourdomain,DC=com"
suffix          "dc=ourdomain,dc=com"

Thanks for any tips and pointers,

--Mark