Hi All,
I have an LDAP server running with all users and respective groups say ( a.example.net). I was wondering if there is any way I could separate user subtree into another OpenLDAP server (b.example.net) and still be able to define those users as member of groups in a.example.net (for a new requirement). Basically I want to separate user repository (which is global) from all other subsystems like my groups or organization units which contains these users as members. If its possible, please point me to the documentation, I tried searching all over but could not find enough example of Referrals or proxying. Another thing I would like to understand that is it a good idea to create another directory server just for user authentication and read, how common it is? Or should I consider replication?
Thanks for the help and support.