<quote who="Marcin Giedz"> > Is there any way to do something like this without copying all data many > times. > > 1) there is entry: uid=user1,ou=people,dc=xx,dc=x > The entry has objectClass = person, posixAccount etc.. So there is > attribute userPassword. > > 2) there are entries: > [EMAIL PROTECTED],ou=domains,dc=xx,dc=x > [EMAIL PROTECTED],ou=domains,dc=xx,dc=x > [EMAIL PROTECTED],ou=domains,dc=xx,dc=x,
I think your design is a bit strange. Why not have these mail attributes as part of the user entry like: mail: [EMAIL PROTECTED] mail: [EMAIL PROTECTED] And then do your search. You then only need one userPassword. > > however I had to copy some attributes from > uid=user1,ou=people,dc=xx,dc=x like userPassword (with objectClass') to > every entry @dom1,@dom2,@dom3 to be able to authenticate such user. > > Now I'm wondering if there is any way to NOT copy attribute userPassword > (and others) to @dom1.... but rather "create" reference to > uid=user1,ou=people,dc=xx,dc=x in every @domX so when ldapsearch is > performed I will be able to get userPassword using filter > ([EMAIL PROTECTED]) and authenticate user1? > > Regards, > Marcin > > -- > ARISE M.Giedz, T.ŻebruŠsp.j. > http: www.arise.pl > mail: [EMAIL PROTECTED] > tel: +48 502 537 157 > > >