Replicate portion of an LDAP directory to external server

Posted by colemanm on Server Fault See other posts from Server Fault or by colemanm
Published on 2010-01-12T18:09:07Z Indexed on 2010/03/12 14:07 UTC
Read the original article Hit count: 206

Filed under:

ldap

|

jabber

|

ejabberd

|

authentication

|

replication

We're in the process of setting up a Jabber server on Amazon EC2 right now, and we'd like to have our internal users authenticate via LDAP so we don't have to create/manage a separate set of user accounts than the master directory in the office.

My question is: is there a way to copy, unidirectionally, a segment of our internal LDAP directory (the user accounts OU) to an external LDAP server and authenticate Jabber against that?

We're trying to work around having our externally hosted machines out in the cloud accessing our internal network directly... If we can replicate in one direction only a subset of the user accounts, then if that gets compromised we don't necessarily have a critical security breach into our internal network.

© Server Fault or respective owner

Related posts about ldap

NetApp FAS 2040 LDAP Win2k8R2

as seen on Server Fault - Search for 'Server Fault'
I am trying to get my FAS2040 to action user lookups using LDAP, below is the filer configuration options: filer> options ldap ldap.ADdomain dc1.colour.domain.local ldap.base OU=Users,OU=something1,OU=something2,OU=darkside,DC=colour,DC=domain,DC=local ldap.base… >>> More
Ubuntu 12.04 Preseed LDAP Config

as seen on Server Fault - Search for 'Server Fault'
I'm trying to deploy Ubuntu 12.04 via xCAT, everything works except the automatic configuration of LDAP, the preseed file is read but the file /etc/nsswitch is not written properly. My Preseed File: [...] ### LDAP Setup nslcd nslcd/ldap-bindpw password ldap-auth-config ldap-auth-config/bindpw password ldap-auth-config… >>> More
NetApp FAS 2040 LDAP Win2k8R2

as seen on Server Fault - Search for 'Server Fault'
I am trying to get my FAS2040 to action user lookups using LDAP, below is the filer configuration options: filer> options ldap ldap.ADdomain dc1.colour.domain.local ldap.base OU=Users,OU=something1,OU=something2,OU=darkside,DC=colour,DC=domain,DC=local ldap.base… >>> More
Apache+LDAP auth on Ubuntu says "Can't contact LDAP server" while ldapsearch is perfect

as seen on Server Fault - Search for 'Server Fault'
Hi Gurus, I'm migrating from an existing apache+LDAP+mysql+php server to a new hardware platform. Old server is running Debian Lenny, which I have no config documentation available (was done by previous sysadmin); New server is running Ubuntu 10.04.2 LTS 32bit. After installing Apache and configured… >>> More
Spring security ldap: no declaration can be found for element 'ldap-authentication-provider'

as seen on Stack Overflow - Search for 'Stack Overflow'
Following the spring-security documentation: http://static.springsource.org/spring-security/site/docs/3.0.x/reference/ldap.html I am trying to set up ldap authentication (very simple - just need to know if a user is authenticated or not, no authorities mapping needed) and have put this in my applicationContext-security… >>> More

Related posts about jabber

Getting a Jabber status via Python

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm developing a website using the Django framework, and I need to retrieve Jabber (okay, Google Talk) statuses for a user. Most of the Jabber python libraries seem like an incredible amount of overkill (and overhead) for a simple task. Is there any simple way to do this? I know very little about… >>> More
Open Fire jabber server with Pandion client with integrated windows auth

as seen on Server Fault - Search for 'Server Fault'
Does anyone have a complete set of instructions on what needs to be done to Open Fire for it to support the Pandion client to connect with integrated windows authentication? (Currently my Open Fire server works fine for Spark, and is using the AD accounts but Pandion can't connect) >>> More
Jabber/XMPP Client for BlackBerry

as seen on Server Fault - Search for 'Server Fault'
Hello All, I am looking for a Jabber/XMPP client for BlackBerry that I can use with our OpenFire server. It needs to be able to use the Secure connection from OpenFire either the SSL or TLS. It needs to be a direct connection to our server, no 3rd party sever in the middle It needs to be free… >>> More
XMPP/jabber client help

as seen on Stack Overflow - Search for 'Stack Overflow'
I want to develop a chat application with floowing features 1)user A visits website clinks on chat . 2)Website picks another user B who is single(who is not paired) and pairs him with A. 3)Now A and B can chat till they want. Now here neight A or B are registered member of website.Neight they… >>> More
Jabber integration into site and multiple domains

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi all, I'm creating a centralised web product, i.e. a customer gets assigned a personal domain, for example company1.example.com or company2.example.com and can then use our service. I'm planning to integrate a jabber service into the website. I have already found a decent jabber client library… >>> More