Re: proxy authentication

On 10/11/11 16:03 +0100, LALOT Dominique wrote:

Hello,

We would like to setup a kind of replica. We don't want to replicate some attributes like userpassword, lmpassword, ntpassword. How can we configure the replica to proxy the authentication somewhere else. Is there a way to do that via an overlay or something else?

back-ldap may be a solution, assuming that you don't have any locally stored data.

You could utilize pass-through authentication to delegate authentication to a remote ldap server via saslauthd, Courier authdaemon, or possibly auxprop/ldapdb. However, pass-through authentication won't give you lmpassword or ntpassword.