Andreas Moroder andreas.moroder@sb-brixen.it writes:
Hello,
we have a web application that autenticates via openldap. Now a second hospital should use this same application, but they have their own autentication server, active directory in this case.
In our network the users authenticate giving their username ( amoroder in my case ) and password. Is it possible to configure openldap to redirect the bind request to the remote server when the username contains an extension like jsmith@remote ? Does this work with AD as second/remote authentication server ?
What you are requesting is some sort of X.500 DAP services plus the service of a virtual directory. This could partly be achieved with OpenLDAP, it would be easier to put a virtual directory in front of OpenLDAP and AD and have all users to authenticate against the virtual directory[1].
-Dieter
Footnotes: [1] http://penrose.safehaus.org/Home