On Tuesday, 1 May 2007, Mark Mcdonald wrote:
Despite not understanding the architecture completely, it sounds like LDAP will fill your needs.
Have a read of the following man pages to see if it's what you're after:
slapd-ldap slapo-translucent slapo-chain
Of course, LDAP - without any special backends or overlays - was designed to allow this in the first place, via referrals. So, if the software in question follows referrals, and assuming it has (e.g. firewall) access to all the LDAP servers in question, no special tricks should be necessary.
back-dns could even be an option to easily provide referrals.
Using a proxy and/or the chain overlay would ease some aspects of this (e.g. not require any LDAP client to have network access to all LDAP servers), but is not strictly necessary.
Regards, Buchan