We have a Linux Red Hat LDAP server (server A) that performs forwarding. That is, someone makes a request of the LDAP server and, if it cannot find an entry for the request, it makes the request of another server (server B). The authentication is by challenge response. The user name and password are given and, if the user/password combination is correct, then details are returned.
My problem is that server B is to change to an authorised user authentication (ldaps), requiring a bind then a connection using the authorised user name and the password.
I have the authorised user name and password and can successfully do a direct request to server B (using an ldap python script) from server A. This doesn't use the ldap daemon.
My problem is how to configure the slapd.conf file on server A to receive a request, given a user name and their password (password now not needed), and find their details from server B, performing a bind and authentication using the authorised user and that passwd.
Previously, the slapd config for the forwarding was:
Code:
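# Proxy (back-ldap) database: requests under this suffix are forwarded to server B
database ldap
uri ldap://serverB.example.org.au
suffix "dc=serverB,dc=example,dc=org,dc=au"

# Local database holding server A's own entries
database bdb
suffix "dc=serverA,dc=example,dc=org,dc=au"
rootdn "cn=Manager,dc=serverA,dc=example,dc=org,dc=au"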
I could write a Python program to receive, forward and reply, but it should, I think, be easier/quicker to configure slapd.conf.