Hi, I'm stuck with foreign domain integration and not sure how to proceed.

We have our own LDAP domain (dc=<domain>,dc=com) and within it two sections, ou=staff (us) and ou=People (clients). This works just fine and a search on dc=domain,dc=com covers both sets of users as website logins.

Now I want to add in users from a client's LDAP server. I can add a new domain (o=<client>,c=com) and attach it to their LDAP server and that looks like it's working just fine, but how do I attach my website to this setup? I don't see how I can look up users across multiple domains.

What I think I need is to pull in a single branch of their domain into our domain. That would look something like: dc=<domain>,dc=com ou=Staff ou=People ou=<Client> <==== ou=Utilisateurs,o=<client>,c=com but of course I'd still need to relay any bind requests in the ou=Client section to the client's LDAP server.

Can anyone point me in the right direction please? NOTE: values in angle brackets are simply anonymised.