edirectory question
Mike Dewhirst
miked at dewhirst.com.au
Fri Mar 12 05:25:28 CET 2010
Hi all - I couldn't find my answer in your archives so I joined the
list. Thanks for being here.
Background
I'm new to most of this but I managed to configure (for testing) a local
Novell eDirectory 8.7 LDAP service to respond to a remote request for
authentication. The client is a php website which requires auth and
which was built by someone else. I provided the bind user and I can
create my own local eDirectory users and successfully log them in to the
website.
The problem
The website owner has a large tree of Novell servers whereas my test
setup is a single server. We now wish to point the php website at the
large tree so that vast numbers of employees can login using their
Novell credentials. The problem is that the credentials are spread over
a number of org/org units like this ...
maintree
central (o)
binduser (cn)
suburbs (o)
footscray (ou)
users (cn)s
glenroy (ou)
moreusers (cn)
bayside (ou)
... and when I try to configure my own eDirectory in a similar
structure, the binduser cannot find credentials outside its own container.
I can solve the problem by creating an alias object named identically
for the user in the other container but this is totally unwieldy from
the viewpoint of the sheer numbers of users. It would be awful to do
that if there was another way.
Question
Is there another way?
Thanks
Mike
More information about the python-ldap
mailing list