Re: openLDAP as proxy
By default AD reveals users' information only to bound clients; as a
consequence, you need to bind with some identity. This topic has been
mentioned many times in the past; I suggest you browse the mail archives
for suggestions. BTW, you don't need --enable-rewrite if you don't use
suffixmassage or any rewrite* directive.
p.
> Hi again,
>
> I have compiled openLDAP 2.2 with --enable-ldap --enable-rewrite, and
> this is my slapd.conf:
> database ldap
> suffix "dc=my_domain,dc=com"
> uri ldap://machine.com
> lastmod off
> binddn "cn=root,dc=my_domain,dc=com"
> bindpw xxxxxxxx
> directory /var/lib/ldap
>
> machine.com is running M$ Active Directory.
> Now I can do ldapsearch -x -b "dc=my_domain,dc=com" and I get a result, but
> I can't understand this result.
> I get a lot of entries, but all seem like machines. This is one entry:
>
> # m.root-servers.net, RootDNSServers, MicrosoftDNS, System, my_domain.com
> dn: DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=my_domain,DC=com
> dc: m.root-servers.net
> distinguishedName: DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=my_domain,DC=com
> objectClass: top
> objectClass: dnsNode
> name: m.root-servers.net
>
> I haven't got the users' entries. May I add some special schema or
> something to "talk" with AD??
>
>
> --
>
> firma
> Aitzol
> Naberan Burgaña
> CodeSyntax
> anaberan@codesyntax.com
> www.codesyntax.com
> Tel: 943 82 17 80
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497
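
An added example, not part of the original messages or of OpenLDAP: a small Python check that parses ldapsearch LDIF output and reports whether any user entries came back, which confirms whether a search through the proxy is seeing only what AD exposes to an unbound client. The sample LDIF is constructed from the entry quoted above, and the set of user object classes is an assumption.

```python
import base64
from collections import Counter

# Constructed sample: ldapsearch LDIF output shaped like the entry quoted in the
# thread (note the folded lines: a continuation starts with one space).
SAMPLE_LDIF = """\
# m.root-servers.net, RootDNSServers, MicrosoftDNS, System, my_domain.com
dn: DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=my_do
 main,DC=com
objectClass: top
objectClass: dnsNode

dn: DC=a.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=my_do
 main,DC=com
objectClass: top
objectClass: dnsNode
"""

# Assumption: object classes that indicate a user account entry.
USER_CLASSES = {"user", "person", "organizationalperson", "inetorgperson"}

def parse_ldif(text):
    """Return a list of entries, each a dict of lowercase attribute -> list of values."""
    # Unfold: a line beginning with a single space continues the previous line.
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries, current = [], {}
    for line in lines + [""]:          # trailing blank flushes the last entry
        if not line.strip():
            if "dn" in current:        # skip trailers such as "search:"/"result:"
                entries.append(current)
            current = {}
            continue
        if line.startswith("#"):
            continue
        attr, _, value = line.partition(":")
        if value.startswith(":"):      # "attr:: <base64>" form
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        current.setdefault(attr.lower(), []).append(value.strip())
    return entries

def summarize(entries):
    """Count objectClass values and report whether any user-like entry is visible."""
    classes = Counter(c.lower() for e in entries for c in e.get("objectclass", []))
    return classes, any(c in USER_CLASSES for c in classes)
```

Running `summarize(parse_ldif(...))` on the output of an anonymous search and again on a search made with a bind identity shows the difference in what AD returns.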