OpenLDAP as a Proxy
Hello,
Not sure this is the right place or even possible... Our AD structure is rather messy and managed by another group. We would like to do some mapping of users to groups (ACS Radius Server) but cannot map on attributes. Can openLDAP act as a proxy and based on a specific attribute assigned to a user put that user in a role and then let us run ldap queries against it? Thanks, koncept |
I'm not aware of a proxy-functionality, you'd have to code something
yourself I'm afraid; or, by using some sort of delayed replication (unfortunately only polling of sorts possible to the best of my knowledge) - maybe using Net::LDAP? - and modifying the stuff you then want to store in OpenLDAP and write that to there from the same program .... Cheers, Tink |
Thanks for getting back to me. I didn't expect it to work since this doesn't seem like a common or smart thing to be doing...
|
I don't know about that :}
There's commercial products that will let you do things like this, e.g. Oracle Virtual Directory (that's one I've come across). But not knowing what kind of money you got to splash out, or what kind of coding expertise there is in your environment it's hard to give practical advise. Cheers, Tink |
And revisiting this one ... goes to show that I don't always read all the docu
that comes with a product ;} Have a read of 'man 5 slapd-ldap' and 'man 5 slapd-meta' |
All times are GMT -5. The time now is 01:36 PM. |