Consider the following security risks before configuring Directory Proxy Server for proxy authorization:
When Directory Proxy Server is configured for proxy authorization, it assumes the rights of any client for which it forwards a request. A Directory Proxy Server that is not authorized to perform write operations on data, can perform those operations by using proxy authorization.
An LDAP server must contain an entry with the appropriate R/W ACIs for the user specified in the proxy authorization control. If the entry was accessed illegally by a third party, that party might be able to impersonate.
The authorization identity configured in the proxy authorization control must be protected from tampering.