I have an LDAP server running with all users and respective groups say (
). I was wondering if there is any way I could separate user
subtree into another OpenLDAP server (b.example.net
) and still be able to
define those users as member of groups in a.example.net
(for a new
requirement). Basically I want to separate user repository (which is global)
from all other subsystems like my groups or organization units which
contains these users as members. If its possible, please point me to the
documentation, I tried searching all over but could not find enough example
of Referrals or proxying. Another thing I would like to understand that is
it a good idea to create another directory server just for user
authentication and read, how common it is? Or should I consider replication?
Thanks for the help and support.