Thanks for the feedback. Alex
On 9/20/07, Marc Boorshtein <[EMAIL PROTECTED]> wrote: > > > Now I am thinking how to enable delegation to multiple LDAP servers and > how > > to map users to these > > servers. Then how do you make users in ApacheDS to another principalDn > in > > the external server? > > > > MyVirtualDirectory handles this as part of the joiner system. When a > user binds to the virtual directory the joiner system loads the entry > and determines all of the 'DN's the user is joined with and attempts a > bind on each one. If any succeed the overall bind succeeds. If all > the attempts fail the overall bind fails. > > For instance a user binds with the DN > > uid=tuser,ou=users,dc=domain,dc=com > > This user maps to the remote directory entry > > uid=tuser,ou=users,c=mycompany,c=us > > and is joined to the AD entry > > cn=Test User,cn=Users,dc=domain,dc=com > > The joiner will attempt an internal bind for both > > uid=tuser,ou=users,c=mycompany,c=us > cn=Test User,cn=Users,dc=domain,dc=com > > internally returning success if either succeeds. > > I don't know if you want to implement a full joiner subsystem but > there's one way to implement it. > > Marc >
