Hi,
I am trying to create an OpenLDAP instance for our programming team's test environment. They want to have all data coherent with our production systems except for some of the passwords, so I figured I need to use the translucent overlay and override some userPassword attributes. I managed to do so, and I can tell that the local value of password attribute is being compared, not the one from the remote (production) server.
The probem is when users want to bind to the test server - their requests are being proxied to the production server. I would like them to bind using the overriden (local) credentials. Is it possible?
I am using OpenLDAP 2.3.43
Thanks in advance.
-- Mateusz
Mateusz Kijowski wrote:
Hi,
I am trying to create an OpenLDAP instance for our programming team's test environment. They want to have all data coherent with our production systems except for some of the passwords, so I figured I need to use the translucent overlay and override some userPassword attributes. I managed to do so, and I can tell that the local value of password attribute is being compared, not the one from the remote (production) server.
The probem is when users want to bind to the test server - their requests are being proxied to the production server. I would like them to bind using the overriden (local) credentials. Is it possible?
Can we see your config?
Gavin Henry wrote:
Mateusz Kijowski wrote:
Hi,
I am trying to create an OpenLDAP instance for our programming team's test environment. They want to have all data coherent with our production systems except for some of the passwords, so I figured I need to use the translucent overlay and override some userPassword attributes. I managed to do so, and I can tell that the local value of password attribute is being compared, not the one from the remote (production) server.
The probem is when users want to bind to the test server - their requests are being proxied to the production server. I would like them to bind using the overriden (local) credentials. Is it possible?
Can we see your config?
The current code doesn't do any special merging for Bind operations, it always passes them straight to the remote server. I suppose it might be useful to add that, probably should file an enhancement request.
Dnia czwartek, 14 sierpnia 2008, Howard Chu napisał:
Gavin Henry wrote:
Mateusz Kijowski wrote:
Hi,
I am trying to create an OpenLDAP instance for our programming team's test environment. They want to have all data coherent with our production systems except for some of the passwords, so I figured I need to use the translucent overlay and override some userPassword attributes. I managed to do so, and I can tell that the local value of password attribute is being compared, not the one from the remote (production) server.
The probem is when users want to bind to the test server - their requests are being proxied to the production server. I would like them to bind using the overriden (local) credentials. Is it possible?
Can we see your config?
The current code doesn't do any special merging for Bind operations, it always passes them straight to the remote server. I suppose it might be useful to add that, probably should file an enhancement request.
Thanks for the reply, submitted as ITS#5656
-- Mateusz
openldap-software@openldap.org