I have a requirement to mix two different resources into a single LDAP directory:
1. Zimbra LDAP (internal users)
2. MySQL DB (external users)
-> 1+2=Apache Directory Server (all users)
As I already create the ApacheDS from MySQL nightly with a PHP script (excluding "userPassword" so far). I ask myself how I could transfer the SSHA encrypted Zimbra "userPassword"? Also I will need to restructure some attributes to match the requirements of the new LDAP - therefore a simple replica will not do the job.
I also thought of using the ApacheDS as external authentication source for Zimbra, but do neither like the idea of managing internal users on different places nor will I try again to customize the Zimbra LDAP itself.
Somebody has already done a similar thing or ideas how such a concept could be best handled?