OpenLDAP: How to use backend LDAP server only to authenticate user from frontend ldap?
0 votes, 2 answers, 118 views
I have users in OpenLDAP server. They are manually managed.

dn: cn=alice,ou=contoso,dc=combined,dc=internal
mail: alice@contoso.com

dn: cn=bob,ou=fabrikam,dc=combined,dc=internal
mail: bob@fabrikam.com

Its DN says that user is from company fabrikam or contoso.

When user makes simple bind to OpenLDAP server, I want OpenLDAP to
* select backend server for this user based on his DN:
  * ou=contoso,... => backend ldap server is 192.168.1.11
  * ou=fabrikam,... => backend ldap server is 192.168.1.12
* search for user within backend server by mail attribute: (&(mail={orig.mail})(objectClass=user)) to get DN of this user from backend server (back_dn)
* try to bind as back_dn to backend server using password provided by user and return success or error

I can't find any working example of this, or even something around it, please, help me...
Asked by filimonic (141 rep), Feb 4, 2025, 10:25 PM
Last activity: Feb 5, 2025, 11:38 AM
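The three steps listed in the question, written out as an added example that is not part of the original post and is not OpenLDAP configuration: DN-based routing, an escaped mail search filter, and a pass-through bind that fails closed. The callables `lookup_mail`, `search` and `bind` are hypothetical stand-ins for real LDAP operations, and the backend DN in the demo is constructed.

```python
import re

# Routing table from the question: ou value in the frontend DN -> backend host.
BACKENDS = {"contoso": "192.168.1.11", "fabrikam": "192.168.1.12"}
SUFFIX = ["dc=combined", "dc=internal"]

def split_rdns(dn):
    """Split a DN on commas that are not backslash-escaped (RFC 4514)."""
    return [p.strip() for p in re.findall(r"(?:\\.|[^,\\])+", dn)]

def backend_for_dn(dn):
    """Return the backend host for cn=...,ou=<company>,dc=combined,dc=internal."""
    rdns = split_rdns(dn)
    if len(rdns) != 4 or [r.lower() for r in rdns[2:]] != SUFFIX:
        return None  # unexpected DN shape: fail closed
    attr, _, value = rdns[1].partition("=")
    if attr.lower() != "ou":
        return None
    return BACKENDS.get(value.lower())

def escape_filter_value(value):
    """Escape RFC 4515 special characters so the value cannot alter the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def authenticate(bind_dn, password, lookup_mail, search, bind):
    """Run the three steps. lookup_mail(dn), search(host, filter) and
    bind(host, dn, password) are hypothetical callables wrapping real LDAP calls."""
    if not password:
        # An empty password makes a simple bind "unauthenticated" (RFC 4513,
        # section 5.1.2); some servers answer success, so never forward it.
        return False
    host = backend_for_dn(bind_dn)
    mail = lookup_mail(bind_dn) if host else None
    if not mail:
        return False
    flt = "(&(mail=%s)(objectClass=user))" % escape_filter_value(mail)
    matches = search(host, flt)
    if len(matches) != 1:
        return False  # no match or ambiguous match: fail closed
    return bool(bind(host, matches[0], password))

if __name__ == "__main__":
    # Constructed demo data; the backend DN below is made up for illustration.
    front = {"cn=alice,ou=contoso,dc=combined,dc=internal": "alice@contoso.com"}
    search = lambda host, flt: ["CN=Alice,CN=Users,DC=contoso,DC=example"]
    bind = lambda host, dn, pw: pw == "correct-password"
    dn = "cn=alice,ou=contoso,dc=combined,dc=internal"
    print(authenticate(dn, "correct-password", front.get, search, bind))
    print(authenticate(dn, "", front.get, search, bind))
```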