Am Thu, 26 Apr 2018 09:33:56 -0300 schrieb seguranca informacao <[email protected]>:
> Hi guys, > > I'm trying to accomplish a configuration that I'm not aware of. I > need to replicate several directories (AD, openldap, etc) to a unique > repository (my openldap). The thing is I need to have completely > separate trees for each domain (client). Any ideas in how to do that? > bellow is an example what I'm thinking of: > > > dc=example,dc=com > cn=users > cn=groups > > ------------------------------ complete separation > dc=domain,dc=com > cn=users > cn=groups > > ------------------------------ complete separation > dc=test,dc=ca > cn=users > cn=groups > > ------------------------------ complete separation make use of slapd-ldap(5), slapd-relay(5) and slapo-rwm(5) something like: database ldap suffix dc=test,dc=ca ... database relay suffix dc=test,dc=example,dc=com relay dc=test,dc=ca overlay rw rwm-suffixmassage "dc=test,dc=example,dc=com" "dc=test,dc=ca" subordinate database mdb suffix dc=example,dc=com -Dieter -- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E
