[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldap meta + activedirectory
Pierangelo Masarati a écrit :
===
>> database meta
>> suffix cn=Users, dc=meta, dc=domain, dc=local uri
ldaps://adserver.domain.local/cn=Users,dc=domain,dc=local \
ldaps://adserver2.domain.local/cn=Users,dc=domain,dc=local
^^^ Only the first URI in a URI list must provide the naming context
database ldap
suffix "dc=domain,dc=local"
uri ldap://ldap.domain.local/cn=Users,dc=domain,dc=local
suffixmassage "cn=Users,dc=meta,dc=domain,dc=local3"
"cn=Users,dc=domain,dc=local3"
binddn proxyuser
bindpw xxx
TLSVerifyClient allow
# /opt/openldap2/libexec/slapd
/opt/openldap2/etc/openldap/slapd.conf: line 81: unable to parse uri
"ldap://ldap.domain.local/cn=Users,dc=domain,dc=local" in "uri <uri>"
line: URL doesn't begin with "[c]ldap[si]://"
with: uri ldap://ldap.domain.local
stark ok
but nothing in tree
http://www.openldap.org/lists/openldap-software/200501/msg00573.html
proxyuser exist in windows AD and is in administrator group (not really
best. if someone have more precise config ?)
I also insist on suggesting back-ldap instead of back-meta unless you
ok, i switch :)
version of OpenLDAP you're using, so I cannot be more specific on the
latest (2.2.20-stable) on whitebox linux/x86, i'm on test for now.
Regards
Julien