Greg_H_32561
May 18, 2010

LDAP Proxy - OU based routing

I've been reviewing the , which looks great. However, we have a requirement to reselect LDAP pools based on which OU is being updated.

We have two separate networks with LDAP servers in each network. Let's call them network a and network b. There are also OUs for two different user groups - group a and group b. So what I need is when a write request for OU a comes in, it needs to be routed to the LDAP servers on network a, and when write requests for OU b come in, they need to be routed to servers on network b.

Read requests can be sent to any server. What is the best way to read the OU information from the TCP::collect information?

Thanks in advance.

2 Replies

  • Hamish
    You're going to have to parse the BER-encoded LDAP request yourself... It's not too difficult, but to be complete, you're going to have to remember that you can get multiple LDAP messages in a single packet... It's quite possible that you'll have a bind (and a response expected), and then 2 or more LDAP requests (searches, mod, add, etc.) in a row (async requests will be the hard part, you'll have to be prepared for that, and pass whole messages back; it's possible to collect data and have the buffering stop halfway through a message).

    H
  • Hamish,

    Thanks for the response. This is looking like a much larger project all the time. It started off as a simple LDAP load balance setup, but has had multiple requirements added to it. I think this one is going to have to go on the back burner for now. Binary scan and parsing is not in my current skill set, so I guess it's back to the books.

    Thanks Again.
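
The framing Hamish describes (several BER-encoded LDAP messages in one collected buffer, possibly ending partway through a message), sketched here as an added example that is not code from the thread or from any F5 iRule. It is written in Python to show the parsing logic rather than in iRule Tcl; the function names and sample bytes are constructed for illustration, the operation tags are the RFC 4511 values, and it assumes cleartext LDAP with definite-length encoding.

```python
WRITE_OPS = {0x66: "modify", 0x68: "add", 0x4A: "delete", 0x6C: "modifyDN"}

def read_tlv(buf, pos, limit):
    """Parse one definite-length BER TLV; return (tag, value_start, value_end)."""
    if pos + 2 > limit:
        raise EOFError("header incomplete")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length >= 0x80:                      # long form: low 7 bits = byte count
        n = length & 0x7F
        if not 1 <= n <= 4:                 # LDAP never uses indefinite lengths
            raise ValueError("unsupported BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n                            # a short read is caught just below
    if pos + length > limit:
        raise EOFError("value incomplete")
    return tag, pos, pos + length

def write_target(buf, start, end):
    """Return (op_name, dn) for one complete LDAPMessage body; dn is None for non-writes."""
    try:
        _, _, id_end = read_tlv(buf, start, end)          # messageID INTEGER
        op, v_start, v_end = read_tlv(buf, id_end, end)   # protocolOp
        if op not in WRITE_OPS:
            return "other", None
        if op != 0x4A:                      # delRequest's value is the DN itself
            _, v_start, v_end = read_tlv(buf, v_start, v_end)
    except EOFError:
        raise ValueError("element overruns its enclosing message") from None
    return WRITE_OPS[op], buf[v_start:v_end].decode("utf-8")

def split_messages(buf):
    """Return ([(op, dn), ...], leftover) for every complete message in buf."""
    out, pos = [], 0
    while pos < len(buf):
        try:
            tag, start, end = read_tlv(buf, pos, len(buf))
        except EOFError:
            break                           # partial message: collect more first
        if tag != 0x30:
            raise ValueError("not an LDAPMessage SEQUENCE")
        out.append(write_target(buf, start, end))
        pos = end
    return out, buf[pos:]

# Constructed sample: anonymous bind, delete under ou=a, then a cut-off header.
DN = b"cn=x,ou=a,dc=example,dc=com"                       # 27 bytes = 0x1b
SAMPLE = bytes.fromhex("300c020101600702010304008000" "30200201024a1b") + DN + b"\x30\x81"
```

The OU in each returned DN is what the pool choice would key on, and the leftover bytes are what has to stay buffered until the rest of that message arrives.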