Luiz M Oliveira 85marcelo@gmail.com writes:
Hello everyone
I'm having trouble configuring a distributed environment directories. I have the following scenario:
A company with three departments (departments A, B and C) separated geographically. In each department a server is configured to store user input for authentication.
The suffix of the directory of the three departments are configured as
dc = company, dc = com
Below the root directory of the three branches are configured. Using the example of the department A:
Department_A dc =, dc = company, dc = com: has the user input in that department. departamento_B dc =, dc = company, dc = com: stores a referral to server B department departamento_C dc =, dc = company, dc = com: stores a referral to server B from the Department
All departments follow this structure, but each department is set up a referral for other outlying departments.
If a user of the department is located on the department network and B want to authenticate to that site, to query the server B, you receive a referral for their department of origin.
Can I implement this authentication scenario, with all servers using the same suffix and below referrasl implemented for the branches of foreign departments?
I would probably define subordinate ldap backends instead of referrals. Something like
database ldap suffix ou=department_A,dc=company,dc=com ... subordinate
database ldap suffix ou=department_B,dc=company,dc=com ... subordinate
database hdb suffix dc=company,dc=com ...
-Dieter