Accessing the OpenLDAP provider from the outside

Hi,

I know the doc states that the OpenLDAP provider is not currently accessible from outside the cluster, but is there an unsupported way to do it anyway? I’d like some MacOS client to authenticate users against its NS server which is hosted on a VPS. Is it an intended use case?

And bonus question: is it possible using ns7 too? :innocent:

Txs

It is a good question! I tried without success to use firewall-cmd to set up a port-forward to the internal service. Another approach could leverage Traefik as a TCP proxy, but I can’t do this experiment now.

Card NethServer · GitHub

@davidep

Interesting. So if using AD, AD is accessible using the IP of the host system where NS8 runs on.
But not if using OpenLDAP…

After all, AD is LDAP, but using a special “scheme”, both use the same ports…

Wonder why.

My 2 cents
Andy

@davidep thanks! Please note that my use case is accessing the LDAP from the WAN, not the LAN, but I’m not really sure it makes sense.

@Andy_Wismer as stated by @davidep in the GitHub card:

An Active Directory Domain Controller can be bound to a LAN IP, and accessed by LAN clients. The OpenLDAP account provider is bound to the cluster VPN and is not accessible outside of the cluster.

That’s why :wink:

An unneeded limitation. OpenLDAP itself allows binding whatever you want / need.

My 2 cents
Andy