
Re: openLDAP as proxy



By default AD reveals user information only to bound clients; as a
consequence, you need to bind with some identity.  This topic has been
mentioned many times in the past; I suggest you browse the mail archives
for suggestions.  BTW, you don't need --enable-rewrite if you don't use
suffixmassage or any rewrite* directive.

p.


> Hi again,
>
> I have compiled openLDAP 2.2 with --enable-ldap --enable-rewrite, and
> this is my slapd.conf
> database     ldap
> suffix       "dc=my_domain,dc=com"
> uri          ldap://machine.com
> lastmod      off
> binddn       "cn=root,dc=my_domain,dc=com"
> bindpw       xxxxxxxx
> directory    /var/lib/ldap
>
> machine.com is running M$ Active Directory.
> Now I can do ldapsearch -x -b "dc=my_domain,dc=com" and I get a result, but
> I can't understand this result.
> I get a lot of entries, but all seem like machines. This is one entry:
>
> # m.root-servers.net, RootDNSServers, MicrosoftDNS, System, my_domain.com
> dn: DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=my_domain,DC=com
> dc: m.root-servers.net
> distinguishedName: DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=my_domain,DC=com
> objectClass: top
> objectClass: dnsNode
> name: m.root-servers.net
>
> I haven't got the user entries. May I add some special schema or
> something to "talk" with AD?
>
>
> --
>
> firma
> Aitzol
> Naberan Burgaña
> CodeSyntax
> anaberan@codesyntax.com
> www.codesyntax.com
> Tel: 943  82 17 80


-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it




    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497
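
To check what a search through the proxy actually exposes, the ldapsearch output can be tallied by objectClass. The following is an added example, not part of the original thread; the sample LDIF is constructed from the entry quoted above, and the function names are hypothetical.

```python
import base64
from collections import Counter

# Constructed sample modelled on the dnsNode entry quoted in the message;
# the dn is folded the way ldapsearch wraps long lines.
SAMPLE_LDIF = """\
# m.root-servers.net, RootDNSServers, MicrosoftDNS, System, my_domain.com
dn: DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=my_do
 main,DC=com
objectClass: top
objectClass: dnsNode

dn: DC=a.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=my_do
 main,DC=com
objectClass: top
objectClass: dnsNode
"""

def unfold(text):
    """Join LDIF continuation lines (lines that start with one space)."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def parse_entries(text):
    """Return entries as lists of (attribute, value) pairs."""
    entries, current = [], []
    for line in unfold(text) + [""]:
        if not line.strip():
            if current:
                entries.append(current)
            current = []
        elif not line.startswith("#"):
            attr, _, value = line.partition(":")
            if value.startswith(":"):  # "attr:: ..." carries a base64 value
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            current.append((attr.lower(), value.strip()))
    return entries

def class_summary(text, user_classes=("user", "person", "inetorgperson")):
    """Count entries per objectClass; report whether any user entry is visible."""
    counts = Counter()
    for entry in parse_entries(text):
        counts.update({v.lower() for a, v in entry if a == "objectclass"})
    return counts, any(c in counts for c in user_classes)
```

Running class_summary on the output of an anonymous search and again on a search bound with an AD identity shows whether user entries appear only for the bound client.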