Luiz M Oliveira <[email protected]> writes: > Hello everyone > > I'm having trouble configuring a distributed environment directories. I have > the following > scenario: > > A company with three departments (departments A, B and C) separated > geographically. In each > department a server is configured to store user input for authentication. > > The suffix of the directory of the three departments are configured as > > dc = company, dc = com > > Below the root directory of the three branches are configured. Using the > example of the > department A: > > Department_A dc =, dc = company, dc = com: has the user input in that > department. > departamento_B dc =, dc = company, dc = com: stores a referral to server B > department > departamento_C dc =, dc = company, dc = com: stores a referral to server B > from the > Department > > All departments follow this structure, but each department is set up a > referral for other > outlying departments. > > If a user of the department is located on the department network and B want > to authenticate to > that site, to query the server B, you receive a referral for their department > of origin. > > Can I implement this authentication scenario, with all servers using the same > suffix and below > referrasl implemented for the branches of foreign departments?
I would probably define subordinate ldap backends instead of referrals. Something like database ldap suffix ou=department_A,dc=company,dc=com ... subordinate database ldap suffix ou=department_B,dc=company,dc=com ... subordinate database hdb suffix dc=company,dc=com ... -Dieter -- Dieter Klünter | Systemberatung sip: [email protected] http://www.dpunkt.de/buecher/2104.html GPG Key ID:8EF7B6C6
