Authenticating users in OpenLDAP from multiple OUs

I am new to OpenLDAP and trying to figure out the best way to lay out my DIT. The problem I'm running into is that many of my applications want to use a specific base DN in which to look when authenticating users, but many of my users are spread out across different Organizational Units (ou=managers,dc=ex,dc=com, ou=accounting,dc=ex,dc=com, etc.).

An example is an in-house web application. The login page wants to build a bind DN based on the userid and a given OU. I don't see a way to specify multiple OUs, so the only way I can get everyone to log in is to specify the base DN as the root of my DIT (dc=ex,dc=com). Authentication takes a good 5 to 10 seconds to look through the entire DIT.

Is there a way to create a symlink or something in one OU which points to an actual user account in another OU? This way, I could create an OU called "ou=webapp1,dc=ex,dc=com" and just refer to users from the ou=managers and ou=accounting OUs without actually duplicating user info.


Take a look at this answer, but ultimately it seems like there is no way to make users part of multiple OUs.