I'm trying to use our corporate openldap server for authentication to an application server (Github Enterprise) that does not support any "memberof" filters for allowed users.

As a workaround, I am looking into a translucent proxy server that would only return a subset of users. Github Enterprise would only "see" a few hundred users instead of thousands. Is this doable? Is there a better solution?