Re^2: LDAP passthru server...

Hmm.. the problem with the ssh method is that it doesn't scale well and does introduce another point of failure. It would be a passable workaround for a low load server but not in a production environment.

I'm working on creating an LDAP proxy that also dumps to STDOUT.

Jason L. Froebe

Team Sybase member

No one has seen what you have seen, and until that happens, we're all going to think that you're nuts. - Jack O'Neil, Stargate SG-1

Comment on Re^2: LDAP passthru server...

Replies are listed 'Best First'.
Re^3: LDAP passthru server... by ghenry (Vicar) on Jun 01, 2005 at 22:06 UTC
Where would the proxy sit? You still need to encrypt traffic somehow. If you could put the proxy on the client app machine, the proxy could have a TLS/SASL link to your main LDAP box. But again, another SPOF, and more load on that box. Walking the road to enlightenment... I found a penguin and a camel on the way..... Fancy a yourname@perl.me.uk? Just ask!!!	[reply]
Re^4: LDAP passthru server... by jfroebe (Parson) on Jun 01, 2005 at 23:45 UTC
oh! I understand where you're coming from now! No, I'm trying to capture the LDAP query/response between the 3rd party application and the LDAP server. Basically, I'll read from the app, send to the ldap server (log the query to a file), read the response from the ldap server, send to the app (log the response to a file). Jason L. Froebe Team Sybase member No one has seen what you have seen, and until that happens, we're all going to think that you're nuts. - Jack O'Neil, Stargate SG-1	[reply]
Re^3: LDAP passthru server... by ghenry (Vicar) on Jun 01, 2005 at 22:15 UTC
I think we should move this discussion on to the OpenLDAP/LDAP-interop lists, as it has been discussed there before and is getting a bit OT perl coding ;-) Thanks. Walking the road to enlightenment... I found a penguin and a camel on the way..... Fancy a yourname@perl.me.uk? Just ask!!!	[reply]
Re^4: LDAP passthru server... by jfroebe (Parson) on Jun 01, 2005 at 23:53 UTC
Hi, Yup, it did get sidetracked. I think I wrote the question inadequately for people to understand what I was asking. I'll add the proxy to the code section when I'm done. Jason L. Froebe Team Sybase member No one has seen what you have seen, and until that happens, we're all going to think that you're nuts. - Jack O'Neil, Stargate SG-1	[reply]